# API Gateway # Configurations ## Retrieve information about specific configuration properties `api_gateway.configurations.get(ConfigurationGetParams**kwargs) -> Configuration` **get** `/zones/{zone_id}/api_gateway/configuration` Gets the current API Shield configuration settings for a zone, including validation behavior and enforcement mode. ### Parameters - `zone_id: str` Identifier. - `normalize: Optional[bool]` Ensures that the configuration is written or retrieved in normalized fashion ### Returns - `class Configuration: …` - `auth_id_characteristics: List[AuthIDCharacteristic]` - `class AuthIDCharacteristicAPIShieldAuthIDCharacteristic: …` Auth ID Characteristic - `name: str` The name of the characteristic field, i.e., the header or cookie name. - `type: Literal["header", "cookie"]` The type of characteristic. - `"header"` - `"cookie"` - `class AuthIDCharacteristicAPIShieldAuthIDCharacteristicJWTClaim: …` Auth ID Characteristic extracted from JWT Token Claims - `name: str` Claim location expressed as `$(token_config_id):$(json_path)`, where `token_config_id` is the ID of the token configuration used in validating the JWT, and `json_path` is a RFC 9535 JSONPath (https://goessner.net/articles/JsonPath/, https://www.rfc-editor.org/rfc/rfc9535.html). The JSONPath expression may be in dot or bracket notation, may only specify literal keys or array indexes, and must return a singleton value, which will be interpreted as a string. - `type: Literal["jwt"]` The type of characteristic. - `"jwt"` ### Example ```python import os from cloudflare import Cloudflare client = Cloudflare( api_token=os.environ.get("CLOUDFLARE_API_TOKEN"), # This is the default and can be omitted ) configuration = client.api_gateway.configurations.get( zone_id="023e105f4ecef8ad9ca31a8372d0c353", ) print(configuration.auth_id_characteristics) ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "result": { "auth_id_characteristics": [ { "name": "authorization", "type": "header" } ] }, "success": true } ``` ## Update configuration properties `api_gateway.configurations.update(ConfigurationUpdateParams**kwargs) -> Configuration` **put** `/zones/{zone_id}/api_gateway/configuration` Updates API Shield configuration settings for a zone. Can modify validation strictness, enforcement mode, and other global settings. ### Parameters - `zone_id: str` Identifier. - `auth_id_characteristics: Iterable[AuthIDCharacteristic]` - `class AuthIDCharacteristicAPIShieldAuthIDCharacteristic: …` Auth ID Characteristic - `name: str` The name of the characteristic field, i.e., the header or cookie name. - `type: Literal["header", "cookie"]` The type of characteristic. - `"header"` - `"cookie"` - `class AuthIDCharacteristicAPIShieldAuthIDCharacteristicJWTClaim: …` Auth ID Characteristic extracted from JWT Token Claims - `name: str` Claim location expressed as `$(token_config_id):$(json_path)`, where `token_config_id` is the ID of the token configuration used in validating the JWT, and `json_path` is a RFC 9535 JSONPath (https://goessner.net/articles/JsonPath/, https://www.rfc-editor.org/rfc/rfc9535.html). The JSONPath expression may be in dot or bracket notation, may only specify literal keys or array indexes, and must return a singleton value, which will be interpreted as a string. - `type: Literal["jwt"]` The type of characteristic. - `"jwt"` - `normalize: Optional[bool]` Ensures that the configuration is written or retrieved in normalized fashion ### Returns - `class Configuration: …` - `auth_id_characteristics: List[AuthIDCharacteristic]` - `class AuthIDCharacteristicAPIShieldAuthIDCharacteristic: …` Auth ID Characteristic - `name: str` The name of the characteristic field, i.e., the header or cookie name. - `type: Literal["header", "cookie"]` The type of characteristic. - `"header"` - `"cookie"` - `class AuthIDCharacteristicAPIShieldAuthIDCharacteristicJWTClaim: …` Auth ID Characteristic extracted from JWT Token Claims - `name: str` Claim location expressed as `$(token_config_id):$(json_path)`, where `token_config_id` is the ID of the token configuration used in validating the JWT, and `json_path` is a RFC 9535 JSONPath (https://goessner.net/articles/JsonPath/, https://www.rfc-editor.org/rfc/rfc9535.html). The JSONPath expression may be in dot or bracket notation, may only specify literal keys or array indexes, and must return a singleton value, which will be interpreted as a string. - `type: Literal["jwt"]` The type of characteristic. - `"jwt"` ### Example ```python import os from cloudflare import Cloudflare client = Cloudflare( api_token=os.environ.get("CLOUDFLARE_API_TOKEN"), # This is the default and can be omitted ) configuration = client.api_gateway.configurations.update( zone_id="023e105f4ecef8ad9ca31a8372d0c353", auth_id_characteristics=[{ "name": "authorization", "type": "header", }], ) print(configuration.auth_id_characteristics) ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "result": { "auth_id_characteristics": [ { "name": "authorization", "type": "header" } ] }, "success": true } ``` ## Domain Types ### Configuration - `class Configuration: …` - `auth_id_characteristics: List[AuthIDCharacteristic]` - `class AuthIDCharacteristicAPIShieldAuthIDCharacteristic: …` Auth ID Characteristic - `name: str` The name of the characteristic field, i.e., the header or cookie name. - `type: Literal["header", "cookie"]` The type of characteristic. - `"header"` - `"cookie"` - `class AuthIDCharacteristicAPIShieldAuthIDCharacteristicJWTClaim: …` Auth ID Characteristic extracted from JWT Token Claims - `name: str` Claim location expressed as `$(token_config_id):$(json_path)`, where `token_config_id` is the ID of the token configuration used in validating the JWT, and `json_path` is a RFC 9535 JSONPath (https://goessner.net/articles/JsonPath/, https://www.rfc-editor.org/rfc/rfc9535.html). The JSONPath expression may be in dot or bracket notation, may only specify literal keys or array indexes, and must return a singleton value, which will be interpreted as a string. - `type: Literal["jwt"]` The type of characteristic. - `"jwt"` # Discovery ## Retrieve discovered operations on a zone rendered as OpenAPI schemas `api_gateway.discovery.get(DiscoveryGetParams**kwargs) -> DiscoveryGetResponse` **get** `/zones/{zone_id}/api_gateway/discovery` Retrieve the most up to date view of discovered operations, rendered as OpenAPI schemas ### Parameters - `zone_id: str` Identifier. ### Returns - `class DiscoveryGetResponse: …` - `schemas: List[object]` - `timestamp: datetime` ### Example ```python import os from cloudflare import Cloudflare client = Cloudflare( api_token=os.environ.get("CLOUDFLARE_API_TOKEN"), # This is the default and can be omitted ) discovery = client.api_gateway.discovery.get( zone_id="023e105f4ecef8ad9ca31a8372d0c353", ) print(discovery.schemas) ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "result": { "schemas": [ { "info": { "title": "OpenAPI JSON schema for www.example.com", "version": "1.0" }, "openapi": "3.0.0", "paths": { "... Further paths ...": {}, "/api/v1/users/{var1}": { "get": { "parameters": [ { "in": "path", "name": "var1", "required": true, "schema": { "type": "string" } } ] } } }, "servers": [ { "url": "www.example.com" } ] } ], "timestamp": "2014-01-01T05:20:00.12345Z" }, "success": true } ``` ## Domain Types ### Discovery Operation - `class DiscoveryOperation: …` - `id: str` UUID. - `endpoint: str` The endpoint which can contain path parameter templates in curly braces, each will be replaced from left to right with {varN}, starting with {var1}, during insertion. This will further be Cloudflare-normalized upon insertion. See: https://developers.cloudflare.com/rules/normalization/how-it-works/. - `host: str` RFC3986-compliant host. - `last_updated: datetime` - `method: Literal["GET", "POST", "HEAD", 6 more]` The HTTP method used to access the endpoint. - `"GET"` - `"POST"` - `"HEAD"` - `"OPTIONS"` - `"PUT"` - `"DELETE"` - `"CONNECT"` - `"PATCH"` - `"TRACE"` - `origin: List[Literal["ML", "SessionIdentifier", "LabelDiscovery"]]` API discovery engine(s) that discovered this operation - `"ML"` - `"SessionIdentifier"` - `"LabelDiscovery"` - `state: Literal["review", "saved", "ignored"]` State of operation in API Discovery * `review` - Operation is not saved into API Shield Endpoint Management * `saved` - Operation is saved into API Shield Endpoint Management * `ignored` - Operation is marked as ignored - `"review"` - `"saved"` - `"ignored"` - `features: Optional[Features]` - `traffic_stats: Optional[FeaturesTrafficStats]` - `last_updated: datetime` - `period_seconds: int` The period in seconds these statistics were computed over - `requests: float` The average number of requests seen during this period ### Discovery Get Response - `class DiscoveryGetResponse: …` - `schemas: List[object]` - `timestamp: datetime` # Operations ## Retrieve discovered operations on a zone `api_gateway.discovery.operations.list(OperationListParams**kwargs) -> SyncV4PagePaginationArray[DiscoveryOperation]` **get** `/zones/{zone_id}/api_gateway/discovery/operations` Retrieve the most up to date view of discovered operations ### Parameters - `zone_id: str` Identifier. - `diff: Optional[bool]` When `true`, only return API Discovery results that are not saved into API Shield Endpoint Management - `direction: Optional[Literal["asc", "desc"]]` Direction to order results. - `"asc"` - `"desc"` - `endpoint: Optional[str]` Filter results to only include endpoints containing this pattern. - `host: Optional[SequenceNotStr[str]]` Filter results to only include the specified hosts. - `method: Optional[SequenceNotStr[str]]` Filter results to only include the specified HTTP methods. - `order: Optional[Literal["host", "method", "endpoint", 2 more]]` Field to order by - `"host"` - `"method"` - `"endpoint"` - `"traffic_stats.requests"` - `"traffic_stats.last_updated"` - `origin: Optional[Literal["ML", "SessionIdentifier", "LabelDiscovery"]]` Filter results to only include discovery results sourced from a particular discovery engine * `ML` - Discovered operations that were sourced using ML API Discovery * `SessionIdentifier` - Discovered operations that were sourced using Session Identifier API Discovery - `"ML"` - `"SessionIdentifier"` - `"LabelDiscovery"` - `page: Optional[int]` Page number of paginated results. - `per_page: Optional[int]` Maximum number of results per page. - `state: Optional[Literal["review", "saved", "ignored"]]` Filter results to only include discovery results in a particular state. States are as follows * `review` - Discovered operations that are not saved into API Shield Endpoint Management * `saved` - Discovered operations that are already saved into API Shield Endpoint Management * `ignored` - Discovered operations that have been marked as ignored - `"review"` - `"saved"` - `"ignored"` ### Returns - `class DiscoveryOperation: …` - `id: str` UUID. - `endpoint: str` The endpoint which can contain path parameter templates in curly braces, each will be replaced from left to right with {varN}, starting with {var1}, during insertion. This will further be Cloudflare-normalized upon insertion. See: https://developers.cloudflare.com/rules/normalization/how-it-works/. - `host: str` RFC3986-compliant host. - `last_updated: datetime` - `method: Literal["GET", "POST", "HEAD", 6 more]` The HTTP method used to access the endpoint. - `"GET"` - `"POST"` - `"HEAD"` - `"OPTIONS"` - `"PUT"` - `"DELETE"` - `"CONNECT"` - `"PATCH"` - `"TRACE"` - `origin: List[Literal["ML", "SessionIdentifier", "LabelDiscovery"]]` API discovery engine(s) that discovered this operation - `"ML"` - `"SessionIdentifier"` - `"LabelDiscovery"` - `state: Literal["review", "saved", "ignored"]` State of operation in API Discovery * `review` - Operation is not saved into API Shield Endpoint Management * `saved` - Operation is saved into API Shield Endpoint Management * `ignored` - Operation is marked as ignored - `"review"` - `"saved"` - `"ignored"` - `features: Optional[Features]` - `traffic_stats: Optional[FeaturesTrafficStats]` - `last_updated: datetime` - `period_seconds: int` The period in seconds these statistics were computed over - `requests: float` The average number of requests seen during this period ### Example ```python import os from cloudflare import Cloudflare client = Cloudflare( api_token=os.environ.get("CLOUDFLARE_API_TOKEN"), # This is the default and can be omitted ) page = client.api_gateway.discovery.operations.list( zone_id="023e105f4ecef8ad9ca31a8372d0c353", ) page = page.result[0] print(page.id) ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "result": [ { "id": "f174e90a-fafe-4643-bbbc-4a0ed4fc8415", "endpoint": "/api/v1/users/{var1}", "host": "www.example.com", "last_updated": "2014-01-01T05:20:00.12345Z", "method": "GET", "origin": [ "ML" ], "state": "review", "features": { "traffic_stats": { "last_updated": "2014-01-01T05:20:00.12345Z", "period_seconds": 3600, "requests": 1987.06 } } } ], "success": true, "result_info": { "count": 1, "page": 1, "per_page": 20, "total_count": 2000, "total_pages": 100 } } ``` ## Patch discovered operation `api_gateway.discovery.operations.edit(stroperation_id, OperationEditParams**kwargs) -> OperationEditResponse` **patch** `/zones/{zone_id}/api_gateway/discovery/operations/{operation_id}` Update the `state` on a discovered operation ### Parameters - `zone_id: str` Identifier. - `operation_id: str` UUID. - `state: Optional[Literal["review", "ignored"]]` Mark state of operation in API Discovery * `review` - Mark operation as for review * `ignored` - Mark operation as ignored - `"review"` - `"ignored"` ### Returns - `class OperationEditResponse: …` - `state: Optional[Literal["review", "saved", "ignored"]]` State of operation in API Discovery * `review` - Operation is not saved into API Shield Endpoint Management * `saved` - Operation is saved into API Shield Endpoint Management * `ignored` - Operation is marked as ignored - `"review"` - `"saved"` - `"ignored"` ### Example ```python import os from cloudflare import Cloudflare client = Cloudflare( api_token=os.environ.get("CLOUDFLARE_API_TOKEN"), # This is the default and can be omitted ) response = client.api_gateway.discovery.operations.edit( operation_id="f174e90a-fafe-4643-bbbc-4a0ed4fc8415", zone_id="023e105f4ecef8ad9ca31a8372d0c353", ) print(response.state) ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "result": { "state": "review" }, "success": true } ``` ## Patch discovered operations `api_gateway.discovery.operations.bulk_edit(OperationBulkEditParams**kwargs) -> OperationBulkEditResponse` **patch** `/zones/{zone_id}/api_gateway/discovery/operations` Update the `state` on one or more discovered operations ### Parameters - `zone_id: str` Identifier. - `body: Dict[str, Body]` - `state: Optional[Literal["review", "ignored"]]` Mark state of operation in API Discovery * `review` - Mark operation as for review * `ignored` - Mark operation as ignored - `"review"` - `"ignored"` ### Returns - `Dict[str, OperationBulkEditResponseItem]` - `state: Optional[Literal["review", "ignored"]]` Mark state of operation in API Discovery * `review` - Mark operation as for review * `ignored` - Mark operation as ignored - `"review"` - `"ignored"` ### Example ```python import os from cloudflare import Cloudflare client = Cloudflare( api_token=os.environ.get("CLOUDFLARE_API_TOKEN"), # This is the default and can be omitted ) response = client.api_gateway.discovery.operations.bulk_edit( zone_id="023e105f4ecef8ad9ca31a8372d0c353", body={ "3818d821-5901-4147-a474-f5f5aec1d54e": {}, "b17c8043-99a0-4202-b7d9-8f7cdbee02cd": {}, }, ) print(response) ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "result": { "3818d821-5901-4147-a474-f5f5aec1d54e": { "state": "ignored" }, "b17c8043-99a0-4202-b7d9-8f7cdbee02cd": { "state": "review" } }, "success": true } ``` ## Domain Types ### Operation Edit Response - `class OperationEditResponse: …` - `state: Optional[Literal["review", "saved", "ignored"]]` State of operation in API Discovery * `review` - Operation is not saved into API Shield Endpoint Management * `saved` - Operation is saved into API Shield Endpoint Management * `ignored` - Operation is marked as ignored - `"review"` - `"saved"` - `"ignored"` ### Operation Bulk Edit Response - `Dict[str, OperationBulkEditResponseItem]` - `state: Optional[Literal["review", "ignored"]]` Mark state of operation in API Discovery * `review` - Mark operation as for review * `ignored` - Mark operation as ignored - `"review"` - `"ignored"` # Labels ## Retrieve all labels `api_gateway.labels.list(LabelListParams**kwargs) -> SyncV4PagePaginationArray[LabelListResponse]` **get** `/zones/{zone_id}/api_gateway/labels` Retrieve all labels ### Parameters - `zone_id: str` Identifier. - `direction: Optional[Literal["asc", "desc"]]` Direction to order results. - `"asc"` - `"desc"` - `filter: Optional[str]` Filter for labels where the name or description matches using substring match - `order: Optional[Literal["name", "description", "created_at", 2 more]]` Field to order by - `"name"` - `"description"` - `"created_at"` - `"last_updated"` - `"mapped_resources.operations"` - `page: Optional[int]` Page number of paginated results. - `per_page: Optional[int]` Maximum number of results per page. - `source: Optional[Literal["user", "managed"]]` Filter for labels with source - `"user"` - `"managed"` - `with_mapped_resource_counts: Optional[bool]` Include `mapped_resources` for each label ### Returns - `class LabelListResponse: …` - `created_at: datetime` - `description: str` The description of the label - `last_updated: datetime` - `metadata: object` Metadata for the label - `name: str` The name of the label - `source: Literal["user", "managed"]` * `user` - label is owned by the user * `managed` - label is owned by cloudflare - `"user"` - `"managed"` - `mapped_resources: Optional[object]` Provides counts of what resources are linked to this label ### Example ```python import os from cloudflare import Cloudflare client = Cloudflare( api_token=os.environ.get("CLOUDFLARE_API_TOKEN"), # This is the default and can be omitted ) page = client.api_gateway.labels.list( zone_id="023e105f4ecef8ad9ca31a8372d0c353", ) page = page.result[0] print(page.created_at) ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "result": [ { "created_at": "2014-01-01T05:20:00.12345Z", "description": "All endpoints that deal with logins", "last_updated": "2014-01-01T05:20:00.12345Z", "metadata": { "foo": "bar" }, "name": "login", "source": "user", "mapped_resources": { "operations": 29 } } ], "success": true, "result_info": { "count": 1, "page": 1, "per_page": 20, "total_count": 2000, "total_pages": 100 } } ``` ## Domain Types ### Label List Response - `class LabelListResponse: …` - `created_at: datetime` - `description: str` The description of the label - `last_updated: datetime` - `metadata: object` Metadata for the label - `name: str` The name of the label - `source: Literal["user", "managed"]` * `user` - label is owned by the user * `managed` - label is owned by cloudflare - `"user"` - `"managed"` - `mapped_resources: Optional[object]` Provides counts of what resources are linked to this label # User ## Create user labels `api_gateway.labels.user.bulk_create(UserBulkCreateParams**kwargs) -> SyncSinglePage[UserBulkCreateResponse]` **post** `/zones/{zone_id}/api_gateway/labels/user` Create user labels ### Parameters - `zone_id: str` Identifier. - `body: Iterable[Body]` - `name: str` The name of the label - `description: Optional[str]` The description of the label - `metadata: Optional[object]` Metadata for the label ### Returns - `class UserBulkCreateResponse: …` - `created_at: datetime` - `description: str` The description of the label - `last_updated: datetime` - `metadata: object` Metadata for the label - `name: str` The name of the label - `source: Literal["user", "managed"]` * `user` - label is owned by the user * `managed` - label is owned by cloudflare - `"user"` - `"managed"` ### Example ```python import os from cloudflare import Cloudflare client = Cloudflare( api_token=os.environ.get("CLOUDFLARE_API_TOKEN"), # This is the default and can be omitted ) page = client.api_gateway.labels.user.bulk_create( zone_id="023e105f4ecef8ad9ca31a8372d0c353", body=[{ "name": "login" }], ) page = page.result[0] print(page.created_at) ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "result": [ { "created_at": "2014-01-01T05:20:00.12345Z", "description": "All endpoints that deal with logins", "last_updated": "2014-01-01T05:20:00.12345Z", "metadata": { "foo": "bar" }, "name": "login", "source": "user" } ], "success": true, "result_info": { "count": 1, "page": 1, "per_page": 20, "total_count": 2000, "total_pages": 100 } } ``` ## Delete user labels `api_gateway.labels.user.bulk_delete(UserBulkDeleteParams**kwargs) -> SyncSinglePage[UserBulkDeleteResponse]` **delete** `/zones/{zone_id}/api_gateway/labels/user` Delete user labels ### Parameters - `zone_id: str` Identifier. ### Returns - `class UserBulkDeleteResponse: …` - `created_at: datetime` - `description: str` The description of the label - `last_updated: datetime` - `metadata: object` Metadata for the label - `name: str` The name of the label - `source: Literal["user", "managed"]` * `user` - label is owned by the user * `managed` - label is owned by cloudflare - `"user"` - `"managed"` ### Example ```python import os from cloudflare import Cloudflare client = Cloudflare( api_token=os.environ.get("CLOUDFLARE_API_TOKEN"), # This is the default and can be omitted ) page = client.api_gateway.labels.user.bulk_delete( zone_id="023e105f4ecef8ad9ca31a8372d0c353", ) page = page.result[0] print(page.created_at) ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "result": [ { "created_at": "2014-01-01T05:20:00.12345Z", "description": "All endpoints that deal with logins", "last_updated": "2014-01-01T05:20:00.12345Z", "metadata": { "foo": "bar" }, "name": "login", "source": "user" } ], "success": true, "result_info": { "count": 1, "page": 1, "per_page": 20, "total_count": 2000, "total_pages": 100 } } ``` ## Retrieve user label `api_gateway.labels.user.get(strname, UserGetParams**kwargs) -> UserGetResponse` **get** `/zones/{zone_id}/api_gateway/labels/user/{name}` Retrieve user label ### Parameters - `zone_id: str` Identifier. - `name: str` The name of the label - `with_mapped_resource_counts: Optional[bool]` Include `mapped_resources` for each label ### Returns - `class UserGetResponse: …` - `created_at: datetime` - `description: str` The description of the label - `last_updated: datetime` - `metadata: object` Metadata for the label - `name: str` The name of the label - `source: Literal["user", "managed"]` * `user` - label is owned by the user * `managed` - label is owned by cloudflare - `"user"` - `"managed"` - `mapped_resources: Optional[object]` Provides counts of what resources are linked to this label ### Example ```python import os from cloudflare import Cloudflare client = Cloudflare( api_token=os.environ.get("CLOUDFLARE_API_TOKEN"), # This is the default and can be omitted ) user = client.api_gateway.labels.user.get( name="login", zone_id="023e105f4ecef8ad9ca31a8372d0c353", ) print(user.created_at) ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "result": { "created_at": "2014-01-01T05:20:00.12345Z", "description": "All endpoints that deal with logins", "last_updated": "2014-01-01T05:20:00.12345Z", "metadata": { "foo": "bar" }, "name": "login", "source": "user", "mapped_resources": { "operations": 29 } }, "success": true } ``` ## Update user label `api_gateway.labels.user.update(strname, UserUpdateParams**kwargs) -> UserUpdateResponse` **put** `/zones/{zone_id}/api_gateway/labels/user/{name}` Update all fields on a label ### Parameters - `zone_id: str` Identifier. - `name: str` The name of the label - `description: Optional[str]` The description of the label - `metadata: Optional[object]` Metadata for the label ### Returns - `class UserUpdateResponse: …` - `created_at: datetime` - `description: str` The description of the label - `last_updated: datetime` - `metadata: object` Metadata for the label - `name: str` The name of the label - `source: Literal["user", "managed"]` * `user` - label is owned by the user * `managed` - label is owned by cloudflare - `"user"` - `"managed"` ### Example ```python import os from cloudflare import Cloudflare client = Cloudflare( api_token=os.environ.get("CLOUDFLARE_API_TOKEN"), # This is the default and can be omitted ) user = client.api_gateway.labels.user.update( name="login", zone_id="023e105f4ecef8ad9ca31a8372d0c353", ) print(user.created_at) ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "result": { "created_at": "2014-01-01T05:20:00.12345Z", "description": "All endpoints that deal with logins", "last_updated": "2014-01-01T05:20:00.12345Z", "metadata": { "foo": "bar" }, "name": "login", "source": "user" }, "success": true } ``` ## Patch user label `api_gateway.labels.user.edit(strname, UserEditParams**kwargs) -> UserEditResponse` **patch** `/zones/{zone_id}/api_gateway/labels/user/{name}` Update certain fields on a label ### Parameters - `zone_id: str` Identifier. - `name: str` The name of the label - `description: Optional[str]` The description of the label - `metadata: Optional[object]` Metadata for the label ### Returns - `class UserEditResponse: …` - `created_at: datetime` - `description: str` The description of the label - `last_updated: datetime` - `metadata: object` Metadata for the label - `name: str` The name of the label - `source: Literal["user", "managed"]` * `user` - label is owned by the user * `managed` - label is owned by cloudflare - `"user"` - `"managed"` ### Example ```python import os from cloudflare import Cloudflare client = Cloudflare( api_token=os.environ.get("CLOUDFLARE_API_TOKEN"), # This is the default and can be omitted ) response = client.api_gateway.labels.user.edit( name="login", zone_id="023e105f4ecef8ad9ca31a8372d0c353", ) print(response.created_at) ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "result": { "created_at": "2014-01-01T05:20:00.12345Z", "description": "All endpoints that deal with logins", "last_updated": "2014-01-01T05:20:00.12345Z", "metadata": { "foo": "bar" }, "name": "login", "source": "user" }, "success": true } ``` ## Delete user label `api_gateway.labels.user.delete(strname, UserDeleteParams**kwargs) -> UserDeleteResponse` **delete** `/zones/{zone_id}/api_gateway/labels/user/{name}` Delete user label ### Parameters - `zone_id: str` Identifier. - `name: str` The name of the label ### Returns - `class UserDeleteResponse: …` - `created_at: datetime` - `description: str` The description of the label - `last_updated: datetime` - `metadata: object` Metadata for the label - `name: str` The name of the label - `source: Literal["user", "managed"]` * `user` - label is owned by the user * `managed` - label is owned by cloudflare - `"user"` - `"managed"` ### Example ```python import os from cloudflare import Cloudflare client = Cloudflare( api_token=os.environ.get("CLOUDFLARE_API_TOKEN"), # This is the default and can be omitted ) user = client.api_gateway.labels.user.delete( name="login", zone_id="023e105f4ecef8ad9ca31a8372d0c353", ) print(user.created_at) ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "result": { "created_at": "2014-01-01T05:20:00.12345Z", "description": "All endpoints that deal with logins", "last_updated": "2014-01-01T05:20:00.12345Z", "metadata": { "foo": "bar" }, "name": "login", "source": "user" }, "success": true } ``` ## Domain Types ### User Bulk Create Response - `class UserBulkCreateResponse: …` - `created_at: datetime` - `description: str` The description of the label - `last_updated: datetime` - `metadata: object` Metadata for the label - `name: str` The name of the label - `source: Literal["user", "managed"]` * `user` - label is owned by the user * `managed` - label is owned by cloudflare - `"user"` - `"managed"` ### User Bulk Delete Response - `class UserBulkDeleteResponse: …` - `created_at: datetime` - `description: str` The description of the label - `last_updated: datetime` - `metadata: object` Metadata for the label - `name: str` The name of the label - `source: Literal["user", "managed"]` * `user` - label is owned by the user * `managed` - label is owned by cloudflare - `"user"` - `"managed"` ### User Get Response - `class UserGetResponse: …` - `created_at: datetime` - `description: str` The description of the label - `last_updated: datetime` - `metadata: object` Metadata for the label - `name: str` The name of the label - `source: Literal["user", "managed"]` * `user` - label is owned by the user * `managed` - label is owned by cloudflare - `"user"` - `"managed"` - `mapped_resources: Optional[object]` Provides counts of what resources are linked to this label ### User Update Response - `class UserUpdateResponse: …` - `created_at: datetime` - `description: str` The description of the label - `last_updated: datetime` - `metadata: object` Metadata for the label - `name: str` The name of the label - `source: Literal["user", "managed"]` * `user` - label is owned by the user * `managed` - label is owned by cloudflare - `"user"` - `"managed"` ### User Edit Response - `class UserEditResponse: …` - `created_at: datetime` - `description: str` The description of the label - `last_updated: datetime` - `metadata: object` Metadata for the label - `name: str` The name of the label - `source: Literal["user", "managed"]` * `user` - label is owned by the user * `managed` - label is owned by cloudflare - `"user"` - `"managed"` ### User Delete Response - `class UserDeleteResponse: …` - `created_at: datetime` - `description: str` The description of the label - `last_updated: datetime` - `metadata: object` Metadata for the label - `name: str` The name of the label - `source: Literal["user", "managed"]` * `user` - label is owned by the user * `managed` - label is owned by cloudflare - `"user"` - `"managed"` # Resources # Operation ## Replace operation(s) attached to a user label `api_gateway.labels.user.resources.operation.update(strname, OperationUpdateParams**kwargs) -> OperationUpdateResponse` **put** `/zones/{zone_id}/api_gateway/labels/user/{name}/resources/operation` Replace all operations(s) attached to a user label ### Parameters - `zone_id: str` Identifier. - `name: str` The name of the label - `selector: Selector` Operation IDs selector - `include: SelectorInclude` - `operation_ids: SequenceNotStr[str]` ### Returns - `class OperationUpdateResponse: …` - `created_at: datetime` - `description: str` The description of the label - `last_updated: datetime` - `metadata: object` Metadata for the label - `name: str` The name of the label - `source: Literal["user", "managed"]` * `user` - label is owned by the user * `managed` - label is owned by cloudflare - `"user"` - `"managed"` - `mapped_resources: Optional[object]` Provides counts of what resources are linked to this label ### Example ```python import os from cloudflare import Cloudflare client = Cloudflare( api_token=os.environ.get("CLOUDFLARE_API_TOKEN"), # This is the default and can be omitted ) operation = client.api_gateway.labels.user.resources.operation.update( name="login", zone_id="023e105f4ecef8ad9ca31a8372d0c353", selector={ "include": { "operation_ids": ["f174e90a-fafe-4643-bbbc-4a0ed4fc8415"] } }, ) print(operation.created_at) ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "result": { "created_at": "2014-01-01T05:20:00.12345Z", "description": "All endpoints that deal with logins", "last_updated": "2014-01-01T05:20:00.12345Z", "metadata": { "foo": "bar" }, "name": "login", "source": "user", "mapped_resources": { "operations": 29 } }, "success": true } ``` ## Domain Types ### Operation Update Response - `class OperationUpdateResponse: …` - `created_at: datetime` - `description: str` The description of the label - `last_updated: datetime` - `metadata: object` Metadata for the label - `name: str` The name of the label - `source: Literal["user", "managed"]` * `user` - label is owned by the user * `managed` - label is owned by cloudflare - `"user"` - `"managed"` - `mapped_resources: Optional[object]` Provides counts of what resources are linked to this label # Managed ## Retrieve managed label `api_gateway.labels.managed.get(strname, ManagedGetParams**kwargs) -> ManagedGetResponse` **get** `/zones/{zone_id}/api_gateway/labels/managed/{name}` Retrieve managed label ### Parameters - `zone_id: str` Identifier. - `name: str` The name of the label - `with_mapped_resource_counts: Optional[bool]` Include `mapped_resources` for each label ### Returns - `class ManagedGetResponse: …` - `created_at: datetime` - `description: str` The description of the label - `last_updated: datetime` - `metadata: object` Metadata for the label - `name: str` The name of the label - `source: Literal["user", "managed"]` * `user` - label is owned by the user * `managed` - label is owned by cloudflare - `"user"` - `"managed"` - `mapped_resources: Optional[object]` Provides counts of what resources are linked to this label ### Example ```python import os from cloudflare import Cloudflare client = Cloudflare( api_token=os.environ.get("CLOUDFLARE_API_TOKEN"), # This is the default and can be omitted ) managed = client.api_gateway.labels.managed.get( name="login", zone_id="023e105f4ecef8ad9ca31a8372d0c353", ) print(managed.created_at) ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "result": { "created_at": "2014-01-01T05:20:00.12345Z", "description": "All endpoints that deal with logins", "last_updated": "2014-01-01T05:20:00.12345Z", "metadata": { "foo": "bar" }, "name": "login", "source": "managed", "mapped_resources": { "operations": 29 } }, "success": true } ``` ## Domain Types ### Managed Get Response - `class ManagedGetResponse: …` - `created_at: datetime` - `description: str` The description of the label - `last_updated: datetime` - `metadata: object` Metadata for the label - `name: str` The name of the label - `source: Literal["user", "managed"]` * `user` - label is owned by the user * `managed` - label is owned by cloudflare - `"user"` - `"managed"` - `mapped_resources: Optional[object]` Provides counts of what resources are linked to this label # Resources # Operation ## Replace operation(s) attached to a managed label `api_gateway.labels.managed.resources.operation.update(strname, OperationUpdateParams**kwargs) -> OperationUpdateResponse` **put** `/zones/{zone_id}/api_gateway/labels/managed/{name}/resources/operation` Replace all operations(s) attached to a managed label ### Parameters - `zone_id: str` Identifier. - `name: str` The name of the label - `selector: Selector` Operation IDs selector - `include: SelectorInclude` - `operation_ids: SequenceNotStr[str]` ### Returns - `class OperationUpdateResponse: …` - `created_at: datetime` - `description: str` The description of the label - `last_updated: datetime` - `metadata: object` Metadata for the label - `name: str` The name of the label - `source: Literal["user", "managed"]` * `user` - label is owned by the user * `managed` - label is owned by cloudflare - `"user"` - `"managed"` - `mapped_resources: Optional[object]` Provides counts of what resources are linked to this label ### Example ```python import os from cloudflare import Cloudflare client = Cloudflare( api_token=os.environ.get("CLOUDFLARE_API_TOKEN"), # This is the default and can be omitted ) operation = client.api_gateway.labels.managed.resources.operation.update( name="login", zone_id="023e105f4ecef8ad9ca31a8372d0c353", selector={ "include": { "operation_ids": ["f174e90a-fafe-4643-bbbc-4a0ed4fc8415"] } }, ) print(operation.created_at) ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "result": { "created_at": "2014-01-01T05:20:00.12345Z", "description": "All endpoints that deal with logins", "last_updated": "2014-01-01T05:20:00.12345Z", "metadata": { "foo": "bar" }, "name": "login", "source": "managed", "mapped_resources": { "operations": 29 } }, "success": true } ``` ## Domain Types ### Operation Update Response - `class OperationUpdateResponse: …` - `created_at: datetime` - `description: str` The description of the label - `last_updated: datetime` - `metadata: object` Metadata for the label - `name: str` The name of the label - `source: Literal["user", "managed"]` * `user` - label is owned by the user * `managed` - label is owned by cloudflare - `"user"` - `"managed"` - `mapped_resources: Optional[object]` Provides counts of what resources are linked to this label # Operations ## Retrieve information about all operations on a zone `api_gateway.operations.list(OperationListParams**kwargs) -> SyncV4PagePaginationArray[OperationListResponse]` **get** `/zones/{zone_id}/api_gateway/operations` Lists all API operations tracked by API Shield for a zone with pagination. Returns operation details including method, path, and feature configurations. ### Parameters - `zone_id: str` Identifier. - `direction: Optional[Literal["asc", "desc"]]` Direction to order results. - `"asc"` - `"desc"` - `endpoint: Optional[str]` Filter results to only include endpoints containing this pattern. - `feature: Optional[List[Literal["thresholds", "parameter_schemas", "schema_info"]]]` Add feature(s) to the results. The feature name that is given here corresponds to the resulting feature object. Have a look at the top-level object description for more details on the specific meaning. - `"thresholds"` - `"parameter_schemas"` - `"schema_info"` - `host: Optional[SequenceNotStr[str]]` Filter results to only include the specified hosts. - `method: Optional[SequenceNotStr[str]]` Filter results to only include the specified HTTP methods. - `order: Optional[Literal["method", "host", "endpoint", "thresholds.$key"]]` Field to order by. When requesting a feature, the feature keys are available for ordering as well, e.g., `thresholds.suggested_threshold`. - `"method"` - `"host"` - `"endpoint"` - `"thresholds.$key"` - `page: Optional[int]` Page number of paginated results. - `per_page: Optional[int]` Maximum number of results per page. ### Returns - `class OperationListResponse: …` - `endpoint: str` The endpoint which can contain path parameter templates in curly braces, each will be replaced from left to right with {varN}, starting with {var1}, during insertion. This will further be Cloudflare-normalized upon insertion. See: https://developers.cloudflare.com/rules/normalization/how-it-works/. - `host: str` RFC3986-compliant host. - `last_updated: datetime` - `method: Literal["GET", "POST", "HEAD", 6 more]` The HTTP method used to access the endpoint. - `"GET"` - `"POST"` - `"HEAD"` - `"OPTIONS"` - `"PUT"` - `"DELETE"` - `"CONNECT"` - `"PATCH"` - `"TRACE"` - `operation_id: str` UUID. - `features: Optional[Features]` - `class FeaturesAPIShieldOperationFeatureThresholds: …` - `thresholds: Optional[FeaturesAPIShieldOperationFeatureThresholdsThresholds]` - `auth_id_tokens: Optional[int]` The total number of auth-ids seen across this calculation. - `data_points: Optional[int]` The number of data points used for the threshold suggestion calculation. - `last_updated: Optional[datetime]` - `p50: Optional[int]` The p50 quantile of requests (in period_seconds). - `p90: Optional[int]` The p90 quantile of requests (in period_seconds). - `p99: Optional[int]` The p99 quantile of requests (in period_seconds). - `period_seconds: Optional[int]` The period over which this threshold is suggested. - `requests: Optional[int]` The estimated number of requests covered by these calculations. - `suggested_threshold: Optional[int]` The suggested threshold in requests done by the same auth_id or period_seconds. - `class FeaturesAPIShieldOperationFeatureParameterSchemas: …` - `parameter_schemas: FeaturesAPIShieldOperationFeatureParameterSchemasParameterSchemas` - `last_updated: Optional[datetime]` - `parameter_schemas: Optional[FeaturesAPIShieldOperationFeatureParameterSchemasParameterSchemasParameterSchemas]` An operation schema object containing a response. - `parameters: Optional[List[object]]` An array containing the learned parameter schemas. - `responses: Optional[object]` An empty response object. This field is required to yield a valid operation schema. - `class FeaturesAPIShieldOperationFeatureAPIRouting: …` - `api_routing: Optional[FeaturesAPIShieldOperationFeatureAPIRoutingAPIRouting]` API Routing settings on endpoint. - `last_updated: Optional[datetime]` - `route: Optional[str]` Target route. - `class FeaturesAPIShieldOperationFeatureConfidenceIntervals: …` - `confidence_intervals: Optional[FeaturesAPIShieldOperationFeatureConfidenceIntervalsConfidenceIntervals]` - `last_updated: Optional[datetime]` - `suggested_threshold: Optional[FeaturesAPIShieldOperationFeatureConfidenceIntervalsConfidenceIntervalsSuggestedThreshold]` - `confidence_intervals: Optional[FeaturesAPIShieldOperationFeatureConfidenceIntervalsConfidenceIntervalsSuggestedThresholdConfidenceIntervals]` - `p90: Optional[FeaturesAPIShieldOperationFeatureConfidenceIntervalsConfidenceIntervalsSuggestedThresholdConfidenceIntervalsP90]` Upper and lower bound for percentile estimate - `lower: Optional[float]` Lower bound for percentile estimate - `upper: Optional[float]` Upper bound for percentile estimate - `p95: Optional[FeaturesAPIShieldOperationFeatureConfidenceIntervalsConfidenceIntervalsSuggestedThresholdConfidenceIntervalsP95]` Upper and lower bound for percentile estimate - `lower: Optional[float]` Lower bound for percentile estimate - `upper: Optional[float]` Upper bound for percentile estimate - `p99: Optional[FeaturesAPIShieldOperationFeatureConfidenceIntervalsConfidenceIntervalsSuggestedThresholdConfidenceIntervalsP99]` Upper and lower bound for percentile estimate - `lower: Optional[float]` Lower bound for percentile estimate - `upper: Optional[float]` Upper bound for percentile estimate - `mean: Optional[float]` Suggested threshold. - `class FeaturesAPIShieldOperationFeatureSchemaInfo: …` - `schema_info: Optional[FeaturesAPIShieldOperationFeatureSchemaInfoSchemaInfo]` - `active_schema: Optional[FeaturesAPIShieldOperationFeatureSchemaInfoSchemaInfoActiveSchema]` Schema active on endpoint. - `id: Optional[str]` UUID. - `created_at: Optional[datetime]` - `is_learned: Optional[bool]` True if schema is Cloudflare-provided. - `name: Optional[str]` Schema file name. - `learned_available: Optional[bool]` True if a Cloudflare-provided learned schema is available for this endpoint. - `mitigation_action: Optional[Literal["none", "log", "block"]]` Action taken on requests failing validation. - `"none"` - `"log"` - `"block"` ### Example ```python import os from cloudflare import Cloudflare client = Cloudflare( api_token=os.environ.get("CLOUDFLARE_API_TOKEN"), # This is the default and can be omitted ) page = client.api_gateway.operations.list( zone_id="023e105f4ecef8ad9ca31a8372d0c353", ) page = page.result[0] print(page.operation_id) ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "result": [ { "endpoint": "/api/v1/users/{var1}", "host": "www.example.com", "last_updated": "2014-01-01T05:20:00.12345Z", "method": "GET", "operation_id": "f174e90a-fafe-4643-bbbc-4a0ed4fc8415", "features": { "thresholds": { "auth_id_tokens": 0, "data_points": 0, "last_updated": "2014-01-01T05:20:00.12345Z", "p50": 0, "p90": 0, "p99": 0, "period_seconds": 0, "requests": 0, "suggested_threshold": 0 } } } ], "success": true, "result_info": { "count": 1, "page": 1, "per_page": 20, "total_count": 2000, "total_pages": 100 } } ``` ## Retrieve information about an operation `api_gateway.operations.get(stroperation_id, OperationGetParams**kwargs) -> OperationGetResponse` **get** `/zones/{zone_id}/api_gateway/operations/{operation_id}` Gets detailed information about a specific API operation in API Shield, including its schema validation settings and traffic statistics. ### Parameters - `zone_id: str` Identifier. - `operation_id: str` UUID. - `feature: Optional[List[Literal["thresholds", "parameter_schemas", "schema_info"]]]` Add feature(s) to the results. The feature name that is given here corresponds to the resulting feature object. Have a look at the top-level object description for more details on the specific meaning. - `"thresholds"` - `"parameter_schemas"` - `"schema_info"` ### Returns - `class OperationGetResponse: …` - `endpoint: str` The endpoint which can contain path parameter templates in curly braces, each will be replaced from left to right with {varN}, starting with {var1}, during insertion. This will further be Cloudflare-normalized upon insertion. See: https://developers.cloudflare.com/rules/normalization/how-it-works/. - `host: str` RFC3986-compliant host. - `last_updated: datetime` - `method: Literal["GET", "POST", "HEAD", 6 more]` The HTTP method used to access the endpoint. - `"GET"` - `"POST"` - `"HEAD"` - `"OPTIONS"` - `"PUT"` - `"DELETE"` - `"CONNECT"` - `"PATCH"` - `"TRACE"` - `operation_id: str` UUID. - `features: Optional[Features]` - `class FeaturesAPIShieldOperationFeatureThresholds: …` - `thresholds: Optional[FeaturesAPIShieldOperationFeatureThresholdsThresholds]` - `auth_id_tokens: Optional[int]` The total number of auth-ids seen across this calculation. - `data_points: Optional[int]` The number of data points used for the threshold suggestion calculation. - `last_updated: Optional[datetime]` - `p50: Optional[int]` The p50 quantile of requests (in period_seconds). - `p90: Optional[int]` The p90 quantile of requests (in period_seconds). - `p99: Optional[int]` The p99 quantile of requests (in period_seconds). - `period_seconds: Optional[int]` The period over which this threshold is suggested. - `requests: Optional[int]` The estimated number of requests covered by these calculations. - `suggested_threshold: Optional[int]` The suggested threshold in requests done by the same auth_id or period_seconds. - `class FeaturesAPIShieldOperationFeatureParameterSchemas: …` - `parameter_schemas: FeaturesAPIShieldOperationFeatureParameterSchemasParameterSchemas` - `last_updated: Optional[datetime]` - `parameter_schemas: Optional[FeaturesAPIShieldOperationFeatureParameterSchemasParameterSchemasParameterSchemas]` An operation schema object containing a response. - `parameters: Optional[List[object]]` An array containing the learned parameter schemas. - `responses: Optional[object]` An empty response object. This field is required to yield a valid operation schema. - `class FeaturesAPIShieldOperationFeatureAPIRouting: …` - `api_routing: Optional[FeaturesAPIShieldOperationFeatureAPIRoutingAPIRouting]` API Routing settings on endpoint. - `last_updated: Optional[datetime]` - `route: Optional[str]` Target route. - `class FeaturesAPIShieldOperationFeatureConfidenceIntervals: …` - `confidence_intervals: Optional[FeaturesAPIShieldOperationFeatureConfidenceIntervalsConfidenceIntervals]` - `last_updated: Optional[datetime]` - `suggested_threshold: Optional[FeaturesAPIShieldOperationFeatureConfidenceIntervalsConfidenceIntervalsSuggestedThreshold]` - `confidence_intervals: Optional[FeaturesAPIShieldOperationFeatureConfidenceIntervalsConfidenceIntervalsSuggestedThresholdConfidenceIntervals]` - `p90: Optional[FeaturesAPIShieldOperationFeatureConfidenceIntervalsConfidenceIntervalsSuggestedThresholdConfidenceIntervalsP90]` Upper and lower bound for percentile estimate - `lower: Optional[float]` Lower bound for percentile estimate - `upper: Optional[float]` Upper bound for percentile estimate - `p95: Optional[FeaturesAPIShieldOperationFeatureConfidenceIntervalsConfidenceIntervalsSuggestedThresholdConfidenceIntervalsP95]` Upper and lower bound for percentile estimate - `lower: Optional[float]` Lower bound for percentile estimate - `upper: Optional[float]` Upper bound for percentile estimate - `p99: Optional[FeaturesAPIShieldOperationFeatureConfidenceIntervalsConfidenceIntervalsSuggestedThresholdConfidenceIntervalsP99]` Upper and lower bound for percentile estimate - `lower: Optional[float]` Lower bound for percentile estimate - `upper: Optional[float]` Upper bound for percentile estimate - `mean: Optional[float]` Suggested threshold. - `class FeaturesAPIShieldOperationFeatureSchemaInfo: …` - `schema_info: Optional[FeaturesAPIShieldOperationFeatureSchemaInfoSchemaInfo]` - `active_schema: Optional[FeaturesAPIShieldOperationFeatureSchemaInfoSchemaInfoActiveSchema]` Schema active on endpoint. - `id: Optional[str]` UUID. - `created_at: Optional[datetime]` - `is_learned: Optional[bool]` True if schema is Cloudflare-provided. - `name: Optional[str]` Schema file name. - `learned_available: Optional[bool]` True if a Cloudflare-provided learned schema is available for this endpoint. - `mitigation_action: Optional[Literal["none", "log", "block"]]` Action taken on requests failing validation. - `"none"` - `"log"` - `"block"` ### Example ```python import os from cloudflare import Cloudflare client = Cloudflare( api_token=os.environ.get("CLOUDFLARE_API_TOKEN"), # This is the default and can be omitted ) operation = client.api_gateway.operations.get( operation_id="f174e90a-fafe-4643-bbbc-4a0ed4fc8415", zone_id="023e105f4ecef8ad9ca31a8372d0c353", ) print(operation.operation_id) ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "result": { "endpoint": "/api/v1/users/{var1}", "host": "www.example.com", "last_updated": "2014-01-01T05:20:00.12345Z", "method": "GET", "operation_id": "f174e90a-fafe-4643-bbbc-4a0ed4fc8415", "features": { "thresholds": { "auth_id_tokens": 0, "data_points": 0, "last_updated": "2014-01-01T05:20:00.12345Z", "p50": 0, "p90": 0, "p99": 0, "period_seconds": 0, "requests": 0, "suggested_threshold": 0 } } }, "success": true } ``` ## Add one operation to a zone `api_gateway.operations.create(OperationCreateParams**kwargs) -> OperationCreateResponse` **post** `/zones/{zone_id}/api_gateway/operations/item` Add one operation to a zone. Endpoints can contain path variables. Host, method, endpoint will be normalized to a canoncial form when creating an operation and must be unique on the zone. Inserting an operation that matches an existing one will return the record of the already existing operation and update its last_updated date. ### Parameters - `zone_id: str` Identifier. - `endpoint: str` The endpoint which can contain path parameter templates in curly braces, each will be replaced from left to right with {varN}, starting with {var1}, during insertion. This will further be Cloudflare-normalized upon insertion. See: https://developers.cloudflare.com/rules/normalization/how-it-works/. - `host: str` RFC3986-compliant host. - `method: Literal["GET", "POST", "HEAD", 6 more]` The HTTP method used to access the endpoint. - `"GET"` - `"POST"` - `"HEAD"` - `"OPTIONS"` - `"PUT"` - `"DELETE"` - `"CONNECT"` - `"PATCH"` - `"TRACE"` ### Returns - `class OperationCreateResponse: …` - `endpoint: str` The endpoint which can contain path parameter templates in curly braces, each will be replaced from left to right with {varN}, starting with {var1}, during insertion. This will further be Cloudflare-normalized upon insertion. See: https://developers.cloudflare.com/rules/normalization/how-it-works/. - `host: str` RFC3986-compliant host. - `last_updated: datetime` - `method: Literal["GET", "POST", "HEAD", 6 more]` The HTTP method used to access the endpoint. - `"GET"` - `"POST"` - `"HEAD"` - `"OPTIONS"` - `"PUT"` - `"DELETE"` - `"CONNECT"` - `"PATCH"` - `"TRACE"` - `operation_id: str` UUID. - `features: Optional[Features]` - `class FeaturesAPIShieldOperationFeatureThresholds: …` - `thresholds: Optional[FeaturesAPIShieldOperationFeatureThresholdsThresholds]` - `auth_id_tokens: Optional[int]` The total number of auth-ids seen across this calculation. - `data_points: Optional[int]` The number of data points used for the threshold suggestion calculation. - `last_updated: Optional[datetime]` - `p50: Optional[int]` The p50 quantile of requests (in period_seconds). - `p90: Optional[int]` The p90 quantile of requests (in period_seconds). - `p99: Optional[int]` The p99 quantile of requests (in period_seconds). - `period_seconds: Optional[int]` The period over which this threshold is suggested. - `requests: Optional[int]` The estimated number of requests covered by these calculations. - `suggested_threshold: Optional[int]` The suggested threshold in requests done by the same auth_id or period_seconds. - `class FeaturesAPIShieldOperationFeatureParameterSchemas: …` - `parameter_schemas: FeaturesAPIShieldOperationFeatureParameterSchemasParameterSchemas` - `last_updated: Optional[datetime]` - `parameter_schemas: Optional[FeaturesAPIShieldOperationFeatureParameterSchemasParameterSchemasParameterSchemas]` An operation schema object containing a response. - `parameters: Optional[List[object]]` An array containing the learned parameter schemas. - `responses: Optional[object]` An empty response object. This field is required to yield a valid operation schema. - `class FeaturesAPIShieldOperationFeatureAPIRouting: …` - `api_routing: Optional[FeaturesAPIShieldOperationFeatureAPIRoutingAPIRouting]` API Routing settings on endpoint. - `last_updated: Optional[datetime]` - `route: Optional[str]` Target route. - `class FeaturesAPIShieldOperationFeatureConfidenceIntervals: …` - `confidence_intervals: Optional[FeaturesAPIShieldOperationFeatureConfidenceIntervalsConfidenceIntervals]` - `last_updated: Optional[datetime]` - `suggested_threshold: Optional[FeaturesAPIShieldOperationFeatureConfidenceIntervalsConfidenceIntervalsSuggestedThreshold]` - `confidence_intervals: Optional[FeaturesAPIShieldOperationFeatureConfidenceIntervalsConfidenceIntervalsSuggestedThresholdConfidenceIntervals]` - `p90: Optional[FeaturesAPIShieldOperationFeatureConfidenceIntervalsConfidenceIntervalsSuggestedThresholdConfidenceIntervalsP90]` Upper and lower bound for percentile estimate - `lower: Optional[float]` Lower bound for percentile estimate - `upper: Optional[float]` Upper bound for percentile estimate - `p95: Optional[FeaturesAPIShieldOperationFeatureConfidenceIntervalsConfidenceIntervalsSuggestedThresholdConfidenceIntervalsP95]` Upper and lower bound for percentile estimate - `lower: Optional[float]` Lower bound for percentile estimate - `upper: Optional[float]` Upper bound for percentile estimate - `p99: Optional[FeaturesAPIShieldOperationFeatureConfidenceIntervalsConfidenceIntervalsSuggestedThresholdConfidenceIntervalsP99]` Upper and lower bound for percentile estimate - `lower: Optional[float]` Lower bound for percentile estimate - `upper: Optional[float]` Upper bound for percentile estimate - `mean: Optional[float]` Suggested threshold. - `class FeaturesAPIShieldOperationFeatureSchemaInfo: …` - `schema_info: Optional[FeaturesAPIShieldOperationFeatureSchemaInfoSchemaInfo]` - `active_schema: Optional[FeaturesAPIShieldOperationFeatureSchemaInfoSchemaInfoActiveSchema]` Schema active on endpoint. - `id: Optional[str]` UUID. - `created_at: Optional[datetime]` - `is_learned: Optional[bool]` True if schema is Cloudflare-provided. - `name: Optional[str]` Schema file name. - `learned_available: Optional[bool]` True if a Cloudflare-provided learned schema is available for this endpoint. - `mitigation_action: Optional[Literal["none", "log", "block"]]` Action taken on requests failing validation. - `"none"` - `"log"` - `"block"` ### Example ```python import os from cloudflare import Cloudflare client = Cloudflare( api_token=os.environ.get("CLOUDFLARE_API_TOKEN"), # This is the default and can be omitted ) operation = client.api_gateway.operations.create( zone_id="023e105f4ecef8ad9ca31a8372d0c353", endpoint="/api/v1/users/{var1}", host="www.example.com", method="GET", ) print(operation.operation_id) ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "result": { "endpoint": "/api/v1/users/{var1}", "host": "www.example.com", "last_updated": "2014-01-01T05:20:00.12345Z", "method": "GET", "operation_id": "f174e90a-fafe-4643-bbbc-4a0ed4fc8415", "features": { "thresholds": { "auth_id_tokens": 0, "data_points": 0, "last_updated": "2014-01-01T05:20:00.12345Z", "p50": 0, "p90": 0, "p99": 0, "period_seconds": 0, "requests": 0, "suggested_threshold": 0 } } }, "success": true } ``` ## Delete an operation `api_gateway.operations.delete(stroperation_id, OperationDeleteParams**kwargs) -> OperationDeleteResponse` **delete** `/zones/{zone_id}/api_gateway/operations/{operation_id}` Removes a single API operation from API Shield endpoint management. The operation will no longer be tracked or protected by API Shield rules. ### Parameters - `zone_id: str` Identifier. - `operation_id: str` UUID. ### Returns - `class OperationDeleteResponse: …` - `errors: Message` - `code: int` - `message: str` - `documentation_url: Optional[str]` - `source: Optional[MessageItemSource]` - `pointer: Optional[str]` - `messages: Message` - `success: Literal[true]` Whether the API call was successful. - `true` ### Example ```python import os from cloudflare import Cloudflare client = Cloudflare( api_token=os.environ.get("CLOUDFLARE_API_TOKEN"), # This is the default and can be omitted ) operation = client.api_gateway.operations.delete( operation_id="f174e90a-fafe-4643-bbbc-4a0ed4fc8415", zone_id="023e105f4ecef8ad9ca31a8372d0c353", ) print(operation.errors) ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "success": true } ``` ## Add operations to a zone `api_gateway.operations.bulk_create(OperationBulkCreateParams**kwargs) -> SyncSinglePage[OperationBulkCreateResponse]` **post** `/zones/{zone_id}/api_gateway/operations` Add one or more operations to a zone. Endpoints can contain path variables. Host, method, endpoint will be normalized to a canoncial form when creating an operation and must be unique on the zone. Inserting an operation that matches an existing one will return the record of the already existing operation and update its last_updated date. ### Parameters - `zone_id: str` Identifier. - `body: Iterable[Body]` - `endpoint: str` The endpoint which can contain path parameter templates in curly braces, each will be replaced from left to right with {varN}, starting with {var1}, during insertion. This will further be Cloudflare-normalized upon insertion. See: https://developers.cloudflare.com/rules/normalization/how-it-works/. - `host: str` RFC3986-compliant host. - `method: Literal["GET", "POST", "HEAD", 6 more]` The HTTP method used to access the endpoint. - `"GET"` - `"POST"` - `"HEAD"` - `"OPTIONS"` - `"PUT"` - `"DELETE"` - `"CONNECT"` - `"PATCH"` - `"TRACE"` ### Returns - `class OperationBulkCreateResponse: …` - `endpoint: str` The endpoint which can contain path parameter templates in curly braces, each will be replaced from left to right with {varN}, starting with {var1}, during insertion. This will further be Cloudflare-normalized upon insertion. See: https://developers.cloudflare.com/rules/normalization/how-it-works/. - `host: str` RFC3986-compliant host. - `last_updated: datetime` - `method: Literal["GET", "POST", "HEAD", 6 more]` The HTTP method used to access the endpoint. - `"GET"` - `"POST"` - `"HEAD"` - `"OPTIONS"` - `"PUT"` - `"DELETE"` - `"CONNECT"` - `"PATCH"` - `"TRACE"` - `operation_id: str` UUID. - `features: Optional[Features]` - `class FeaturesAPIShieldOperationFeatureThresholds: …` - `thresholds: Optional[FeaturesAPIShieldOperationFeatureThresholdsThresholds]` - `auth_id_tokens: Optional[int]` The total number of auth-ids seen across this calculation. - `data_points: Optional[int]` The number of data points used for the threshold suggestion calculation. - `last_updated: Optional[datetime]` - `p50: Optional[int]` The p50 quantile of requests (in period_seconds). - `p90: Optional[int]` The p90 quantile of requests (in period_seconds). - `p99: Optional[int]` The p99 quantile of requests (in period_seconds). - `period_seconds: Optional[int]` The period over which this threshold is suggested. - `requests: Optional[int]` The estimated number of requests covered by these calculations. - `suggested_threshold: Optional[int]` The suggested threshold in requests done by the same auth_id or period_seconds. - `class FeaturesAPIShieldOperationFeatureParameterSchemas: …` - `parameter_schemas: FeaturesAPIShieldOperationFeatureParameterSchemasParameterSchemas` - `last_updated: Optional[datetime]` - `parameter_schemas: Optional[FeaturesAPIShieldOperationFeatureParameterSchemasParameterSchemasParameterSchemas]` An operation schema object containing a response. - `parameters: Optional[List[object]]` An array containing the learned parameter schemas. - `responses: Optional[object]` An empty response object. This field is required to yield a valid operation schema. - `class FeaturesAPIShieldOperationFeatureAPIRouting: …` - `api_routing: Optional[FeaturesAPIShieldOperationFeatureAPIRoutingAPIRouting]` API Routing settings on endpoint. - `last_updated: Optional[datetime]` - `route: Optional[str]` Target route. - `class FeaturesAPIShieldOperationFeatureConfidenceIntervals: …` - `confidence_intervals: Optional[FeaturesAPIShieldOperationFeatureConfidenceIntervalsConfidenceIntervals]` - `last_updated: Optional[datetime]` - `suggested_threshold: Optional[FeaturesAPIShieldOperationFeatureConfidenceIntervalsConfidenceIntervalsSuggestedThreshold]` - `confidence_intervals: Optional[FeaturesAPIShieldOperationFeatureConfidenceIntervalsConfidenceIntervalsSuggestedThresholdConfidenceIntervals]` - `p90: Optional[FeaturesAPIShieldOperationFeatureConfidenceIntervalsConfidenceIntervalsSuggestedThresholdConfidenceIntervalsP90]` Upper and lower bound for percentile estimate - `lower: Optional[float]` Lower bound for percentile estimate - `upper: Optional[float]` Upper bound for percentile estimate - `p95: Optional[FeaturesAPIShieldOperationFeatureConfidenceIntervalsConfidenceIntervalsSuggestedThresholdConfidenceIntervalsP95]` Upper and lower bound for percentile estimate - `lower: Optional[float]` Lower bound for percentile estimate - `upper: Optional[float]` Upper bound for percentile estimate - `p99: Optional[FeaturesAPIShieldOperationFeatureConfidenceIntervalsConfidenceIntervalsSuggestedThresholdConfidenceIntervalsP99]` Upper and lower bound for percentile estimate - `lower: Optional[float]` Lower bound for percentile estimate - `upper: Optional[float]` Upper bound for percentile estimate - `mean: Optional[float]` Suggested threshold. - `class FeaturesAPIShieldOperationFeatureSchemaInfo: …` - `schema_info: Optional[FeaturesAPIShieldOperationFeatureSchemaInfoSchemaInfo]` - `active_schema: Optional[FeaturesAPIShieldOperationFeatureSchemaInfoSchemaInfoActiveSchema]` Schema active on endpoint. - `id: Optional[str]` UUID. - `created_at: Optional[datetime]` - `is_learned: Optional[bool]` True if schema is Cloudflare-provided. - `name: Optional[str]` Schema file name. - `learned_available: Optional[bool]` True if a Cloudflare-provided learned schema is available for this endpoint. - `mitigation_action: Optional[Literal["none", "log", "block"]]` Action taken on requests failing validation. - `"none"` - `"log"` - `"block"` ### Example ```python import os from cloudflare import Cloudflare client = Cloudflare( api_token=os.environ.get("CLOUDFLARE_API_TOKEN"), # This is the default and can be omitted ) page = client.api_gateway.operations.bulk_create( zone_id="023e105f4ecef8ad9ca31a8372d0c353", body=[{ "endpoint": "/api/v1/users/{var1}", "host": "www.example.com", "method": "GET", }], ) page = page.result[0] print(page.operation_id) ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "result": [ { "endpoint": "/api/v1/users/{var1}", "host": "www.example.com", "last_updated": "2014-01-01T05:20:00.12345Z", "method": "GET", "operation_id": "f174e90a-fafe-4643-bbbc-4a0ed4fc8415", "features": { "thresholds": { "auth_id_tokens": 0, "data_points": 0, "last_updated": "2014-01-01T05:20:00.12345Z", "p50": 0, "p90": 0, "p99": 0, "period_seconds": 0, "requests": 0, "suggested_threshold": 0 } } } ], "success": true } ``` ## Delete multiple operations `api_gateway.operations.bulk_delete(OperationBulkDeleteParams**kwargs) -> OperationBulkDeleteResponse` **delete** `/zones/{zone_id}/api_gateway/operations` Bulk removes multiple API operations from API Shield endpoint management in a single request. Efficient for cleaning up unused endpoints. ### Parameters - `zone_id: str` Identifier. ### Returns - `class OperationBulkDeleteResponse: …` - `errors: Message` - `code: int` - `message: str` - `documentation_url: Optional[str]` - `source: Optional[MessageItemSource]` - `pointer: Optional[str]` - `messages: Message` - `success: Literal[true]` Whether the API call was successful. - `true` ### Example ```python import os from cloudflare import Cloudflare client = Cloudflare( api_token=os.environ.get("CLOUDFLARE_API_TOKEN"), # This is the default and can be omitted ) response = client.api_gateway.operations.bulk_delete( zone_id="023e105f4ecef8ad9ca31a8372d0c353", ) print(response.errors) ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "success": true } ``` ## Domain Types ### API Shield - `class APIShield: …` - `endpoint: str` The endpoint which can contain path parameter templates in curly braces, each will be replaced from left to right with {varN}, starting with {var1}, during insertion. This will further be Cloudflare-normalized upon insertion. See: https://developers.cloudflare.com/rules/normalization/how-it-works/. - `host: str` RFC3986-compliant host. - `last_updated: datetime` - `method: Literal["GET", "POST", "HEAD", 6 more]` The HTTP method used to access the endpoint. - `"GET"` - `"POST"` - `"HEAD"` - `"OPTIONS"` - `"PUT"` - `"DELETE"` - `"CONNECT"` - `"PATCH"` - `"TRACE"` - `operation_id: str` UUID. ### Operation List Response - `class OperationListResponse: …` - `endpoint: str` The endpoint which can contain path parameter templates in curly braces, each will be replaced from left to right with {varN}, starting with {var1}, during insertion. This will further be Cloudflare-normalized upon insertion. See: https://developers.cloudflare.com/rules/normalization/how-it-works/. - `host: str` RFC3986-compliant host. - `last_updated: datetime` - `method: Literal["GET", "POST", "HEAD", 6 more]` The HTTP method used to access the endpoint. - `"GET"` - `"POST"` - `"HEAD"` - `"OPTIONS"` - `"PUT"` - `"DELETE"` - `"CONNECT"` - `"PATCH"` - `"TRACE"` - `operation_id: str` UUID. - `features: Optional[Features]` - `class FeaturesAPIShieldOperationFeatureThresholds: …` - `thresholds: Optional[FeaturesAPIShieldOperationFeatureThresholdsThresholds]` - `auth_id_tokens: Optional[int]` The total number of auth-ids seen across this calculation. - `data_points: Optional[int]` The number of data points used for the threshold suggestion calculation. - `last_updated: Optional[datetime]` - `p50: Optional[int]` The p50 quantile of requests (in period_seconds). - `p90: Optional[int]` The p90 quantile of requests (in period_seconds). - `p99: Optional[int]` The p99 quantile of requests (in period_seconds). - `period_seconds: Optional[int]` The period over which this threshold is suggested. - `requests: Optional[int]` The estimated number of requests covered by these calculations. - `suggested_threshold: Optional[int]` The suggested threshold in requests done by the same auth_id or period_seconds. - `class FeaturesAPIShieldOperationFeatureParameterSchemas: …` - `parameter_schemas: FeaturesAPIShieldOperationFeatureParameterSchemasParameterSchemas` - `last_updated: Optional[datetime]` - `parameter_schemas: Optional[FeaturesAPIShieldOperationFeatureParameterSchemasParameterSchemasParameterSchemas]` An operation schema object containing a response. - `parameters: Optional[List[object]]` An array containing the learned parameter schemas. - `responses: Optional[object]` An empty response object. This field is required to yield a valid operation schema. - `class FeaturesAPIShieldOperationFeatureAPIRouting: …` - `api_routing: Optional[FeaturesAPIShieldOperationFeatureAPIRoutingAPIRouting]` API Routing settings on endpoint. - `last_updated: Optional[datetime]` - `route: Optional[str]` Target route. - `class FeaturesAPIShieldOperationFeatureConfidenceIntervals: …` - `confidence_intervals: Optional[FeaturesAPIShieldOperationFeatureConfidenceIntervalsConfidenceIntervals]` - `last_updated: Optional[datetime]` - `suggested_threshold: Optional[FeaturesAPIShieldOperationFeatureConfidenceIntervalsConfidenceIntervalsSuggestedThreshold]` - `confidence_intervals: Optional[FeaturesAPIShieldOperationFeatureConfidenceIntervalsConfidenceIntervalsSuggestedThresholdConfidenceIntervals]` - `p90: Optional[FeaturesAPIShieldOperationFeatureConfidenceIntervalsConfidenceIntervalsSuggestedThresholdConfidenceIntervalsP90]` Upper and lower bound for percentile estimate - `lower: Optional[float]` Lower bound for percentile estimate - `upper: Optional[float]` Upper bound for percentile estimate - `p95: Optional[FeaturesAPIShieldOperationFeatureConfidenceIntervalsConfidenceIntervalsSuggestedThresholdConfidenceIntervalsP95]` Upper and lower bound for percentile estimate - `lower: Optional[float]` Lower bound for percentile estimate - `upper: Optional[float]` Upper bound for percentile estimate - `p99: Optional[FeaturesAPIShieldOperationFeatureConfidenceIntervalsConfidenceIntervalsSuggestedThresholdConfidenceIntervalsP99]` Upper and lower bound for percentile estimate - `lower: Optional[float]` Lower bound for percentile estimate - `upper: Optional[float]` Upper bound for percentile estimate - `mean: Optional[float]` Suggested threshold. - `class FeaturesAPIShieldOperationFeatureSchemaInfo: …` - `schema_info: Optional[FeaturesAPIShieldOperationFeatureSchemaInfoSchemaInfo]` - `active_schema: Optional[FeaturesAPIShieldOperationFeatureSchemaInfoSchemaInfoActiveSchema]` Schema active on endpoint. - `id: Optional[str]` UUID. - `created_at: Optional[datetime]` - `is_learned: Optional[bool]` True if schema is Cloudflare-provided. - `name: Optional[str]` Schema file name. - `learned_available: Optional[bool]` True if a Cloudflare-provided learned schema is available for this endpoint. - `mitigation_action: Optional[Literal["none", "log", "block"]]` Action taken on requests failing validation. - `"none"` - `"log"` - `"block"` ### Operation Get Response - `class OperationGetResponse: …` - `endpoint: str` The endpoint which can contain path parameter templates in curly braces, each will be replaced from left to right with {varN}, starting with {var1}, during insertion. This will further be Cloudflare-normalized upon insertion. See: https://developers.cloudflare.com/rules/normalization/how-it-works/. - `host: str` RFC3986-compliant host. - `last_updated: datetime` - `method: Literal["GET", "POST", "HEAD", 6 more]` The HTTP method used to access the endpoint. - `"GET"` - `"POST"` - `"HEAD"` - `"OPTIONS"` - `"PUT"` - `"DELETE"` - `"CONNECT"` - `"PATCH"` - `"TRACE"` - `operation_id: str` UUID. - `features: Optional[Features]` - `class FeaturesAPIShieldOperationFeatureThresholds: …` - `thresholds: Optional[FeaturesAPIShieldOperationFeatureThresholdsThresholds]` - `auth_id_tokens: Optional[int]` The total number of auth-ids seen across this calculation. - `data_points: Optional[int]` The number of data points used for the threshold suggestion calculation. - `last_updated: Optional[datetime]` - `p50: Optional[int]` The p50 quantile of requests (in period_seconds). - `p90: Optional[int]` The p90 quantile of requests (in period_seconds). - `p99: Optional[int]` The p99 quantile of requests (in period_seconds). - `period_seconds: Optional[int]` The period over which this threshold is suggested. - `requests: Optional[int]` The estimated number of requests covered by these calculations. - `suggested_threshold: Optional[int]` The suggested threshold in requests done by the same auth_id or period_seconds. - `class FeaturesAPIShieldOperationFeatureParameterSchemas: …` - `parameter_schemas: FeaturesAPIShieldOperationFeatureParameterSchemasParameterSchemas` - `last_updated: Optional[datetime]` - `parameter_schemas: Optional[FeaturesAPIShieldOperationFeatureParameterSchemasParameterSchemasParameterSchemas]` An operation schema object containing a response. - `parameters: Optional[List[object]]` An array containing the learned parameter schemas. - `responses: Optional[object]` An empty response object. This field is required to yield a valid operation schema. - `class FeaturesAPIShieldOperationFeatureAPIRouting: …` - `api_routing: Optional[FeaturesAPIShieldOperationFeatureAPIRoutingAPIRouting]` API Routing settings on endpoint. - `last_updated: Optional[datetime]` - `route: Optional[str]` Target route. - `class FeaturesAPIShieldOperationFeatureConfidenceIntervals: …` - `confidence_intervals: Optional[FeaturesAPIShieldOperationFeatureConfidenceIntervalsConfidenceIntervals]` - `last_updated: Optional[datetime]` - `suggested_threshold: Optional[FeaturesAPIShieldOperationFeatureConfidenceIntervalsConfidenceIntervalsSuggestedThreshold]` - `confidence_intervals: Optional[FeaturesAPIShieldOperationFeatureConfidenceIntervalsConfidenceIntervalsSuggestedThresholdConfidenceIntervals]` - `p90: Optional[FeaturesAPIShieldOperationFeatureConfidenceIntervalsConfidenceIntervalsSuggestedThresholdConfidenceIntervalsP90]` Upper and lower bound for percentile estimate - `lower: Optional[float]` Lower bound for percentile estimate - `upper: Optional[float]` Upper bound for percentile estimate - `p95: Optional[FeaturesAPIShieldOperationFeatureConfidenceIntervalsConfidenceIntervalsSuggestedThresholdConfidenceIntervalsP95]` Upper and lower bound for percentile estimate - `lower: Optional[float]` Lower bound for percentile estimate - `upper: Optional[float]` Upper bound for percentile estimate - `p99: Optional[FeaturesAPIShieldOperationFeatureConfidenceIntervalsConfidenceIntervalsSuggestedThresholdConfidenceIntervalsP99]` Upper and lower bound for percentile estimate - `lower: Optional[float]` Lower bound for percentile estimate - `upper: Optional[float]` Upper bound for percentile estimate - `mean: Optional[float]` Suggested threshold. - `class FeaturesAPIShieldOperationFeatureSchemaInfo: …` - `schema_info: Optional[FeaturesAPIShieldOperationFeatureSchemaInfoSchemaInfo]` - `active_schema: Optional[FeaturesAPIShieldOperationFeatureSchemaInfoSchemaInfoActiveSchema]` Schema active on endpoint. - `id: Optional[str]` UUID. - `created_at: Optional[datetime]` - `is_learned: Optional[bool]` True if schema is Cloudflare-provided. - `name: Optional[str]` Schema file name. - `learned_available: Optional[bool]` True if a Cloudflare-provided learned schema is available for this endpoint. - `mitigation_action: Optional[Literal["none", "log", "block"]]` Action taken on requests failing validation. - `"none"` - `"log"` - `"block"` ### Operation Create Response - `class OperationCreateResponse: …` - `endpoint: str` The endpoint which can contain path parameter templates in curly braces, each will be replaced from left to right with {varN}, starting with {var1}, during insertion. This will further be Cloudflare-normalized upon insertion. See: https://developers.cloudflare.com/rules/normalization/how-it-works/. - `host: str` RFC3986-compliant host. - `last_updated: datetime` - `method: Literal["GET", "POST", "HEAD", 6 more]` The HTTP method used to access the endpoint. - `"GET"` - `"POST"` - `"HEAD"` - `"OPTIONS"` - `"PUT"` - `"DELETE"` - `"CONNECT"` - `"PATCH"` - `"TRACE"` - `operation_id: str` UUID. - `features: Optional[Features]` - `class FeaturesAPIShieldOperationFeatureThresholds: …` - `thresholds: Optional[FeaturesAPIShieldOperationFeatureThresholdsThresholds]` - `auth_id_tokens: Optional[int]` The total number of auth-ids seen across this calculation. - `data_points: Optional[int]` The number of data points used for the threshold suggestion calculation. - `last_updated: Optional[datetime]` - `p50: Optional[int]` The p50 quantile of requests (in period_seconds). - `p90: Optional[int]` The p90 quantile of requests (in period_seconds). - `p99: Optional[int]` The p99 quantile of requests (in period_seconds). - `period_seconds: Optional[int]` The period over which this threshold is suggested. - `requests: Optional[int]` The estimated number of requests covered by these calculations. - `suggested_threshold: Optional[int]` The suggested threshold in requests done by the same auth_id or period_seconds. - `class FeaturesAPIShieldOperationFeatureParameterSchemas: …` - `parameter_schemas: FeaturesAPIShieldOperationFeatureParameterSchemasParameterSchemas` - `last_updated: Optional[datetime]` - `parameter_schemas: Optional[FeaturesAPIShieldOperationFeatureParameterSchemasParameterSchemasParameterSchemas]` An operation schema object containing a response. - `parameters: Optional[List[object]]` An array containing the learned parameter schemas. - `responses: Optional[object]` An empty response object. This field is required to yield a valid operation schema. - `class FeaturesAPIShieldOperationFeatureAPIRouting: …` - `api_routing: Optional[FeaturesAPIShieldOperationFeatureAPIRoutingAPIRouting]` API Routing settings on endpoint. - `last_updated: Optional[datetime]` - `route: Optional[str]` Target route. - `class FeaturesAPIShieldOperationFeatureConfidenceIntervals: …` - `confidence_intervals: Optional[FeaturesAPIShieldOperationFeatureConfidenceIntervalsConfidenceIntervals]` - `last_updated: Optional[datetime]` - `suggested_threshold: Optional[FeaturesAPIShieldOperationFeatureConfidenceIntervalsConfidenceIntervalsSuggestedThreshold]` - `confidence_intervals: Optional[FeaturesAPIShieldOperationFeatureConfidenceIntervalsConfidenceIntervalsSuggestedThresholdConfidenceIntervals]` - `p90: Optional[FeaturesAPIShieldOperationFeatureConfidenceIntervalsConfidenceIntervalsSuggestedThresholdConfidenceIntervalsP90]` Upper and lower bound for percentile estimate - `lower: Optional[float]` Lower bound for percentile estimate - `upper: Optional[float]` Upper bound for percentile estimate - `p95: Optional[FeaturesAPIShieldOperationFeatureConfidenceIntervalsConfidenceIntervalsSuggestedThresholdConfidenceIntervalsP95]` Upper and lower bound for percentile estimate - `lower: Optional[float]` Lower bound for percentile estimate - `upper: Optional[float]` Upper bound for percentile estimate - `p99: Optional[FeaturesAPIShieldOperationFeatureConfidenceIntervalsConfidenceIntervalsSuggestedThresholdConfidenceIntervalsP99]` Upper and lower bound for percentile estimate - `lower: Optional[float]` Lower bound for percentile estimate - `upper: Optional[float]` Upper bound for percentile estimate - `mean: Optional[float]` Suggested threshold. - `class FeaturesAPIShieldOperationFeatureSchemaInfo: …` - `schema_info: Optional[FeaturesAPIShieldOperationFeatureSchemaInfoSchemaInfo]` - `active_schema: Optional[FeaturesAPIShieldOperationFeatureSchemaInfoSchemaInfoActiveSchema]` Schema active on endpoint. - `id: Optional[str]` UUID. - `created_at: Optional[datetime]` - `is_learned: Optional[bool]` True if schema is Cloudflare-provided. - `name: Optional[str]` Schema file name. - `learned_available: Optional[bool]` True if a Cloudflare-provided learned schema is available for this endpoint. - `mitigation_action: Optional[Literal["none", "log", "block"]]` Action taken on requests failing validation. - `"none"` - `"log"` - `"block"` ### Operation Delete Response - `class OperationDeleteResponse: …` - `errors: Message` - `code: int` - `message: str` - `documentation_url: Optional[str]` - `source: Optional[MessageItemSource]` - `pointer: Optional[str]` - `messages: Message` - `success: Literal[true]` Whether the API call was successful. - `true` ### Operation Bulk Create Response - `class OperationBulkCreateResponse: …` - `endpoint: str` The endpoint which can contain path parameter templates in curly braces, each will be replaced from left to right with {varN}, starting with {var1}, during insertion. This will further be Cloudflare-normalized upon insertion. See: https://developers.cloudflare.com/rules/normalization/how-it-works/. - `host: str` RFC3986-compliant host. - `last_updated: datetime` - `method: Literal["GET", "POST", "HEAD", 6 more]` The HTTP method used to access the endpoint. - `"GET"` - `"POST"` - `"HEAD"` - `"OPTIONS"` - `"PUT"` - `"DELETE"` - `"CONNECT"` - `"PATCH"` - `"TRACE"` - `operation_id: str` UUID. - `features: Optional[Features]` - `class FeaturesAPIShieldOperationFeatureThresholds: …` - `thresholds: Optional[FeaturesAPIShieldOperationFeatureThresholdsThresholds]` - `auth_id_tokens: Optional[int]` The total number of auth-ids seen across this calculation. - `data_points: Optional[int]` The number of data points used for the threshold suggestion calculation. - `last_updated: Optional[datetime]` - `p50: Optional[int]` The p50 quantile of requests (in period_seconds). - `p90: Optional[int]` The p90 quantile of requests (in period_seconds). - `p99: Optional[int]` The p99 quantile of requests (in period_seconds). - `period_seconds: Optional[int]` The period over which this threshold is suggested. - `requests: Optional[int]` The estimated number of requests covered by these calculations. - `suggested_threshold: Optional[int]` The suggested threshold in requests done by the same auth_id or period_seconds. - `class FeaturesAPIShieldOperationFeatureParameterSchemas: …` - `parameter_schemas: FeaturesAPIShieldOperationFeatureParameterSchemasParameterSchemas` - `last_updated: Optional[datetime]` - `parameter_schemas: Optional[FeaturesAPIShieldOperationFeatureParameterSchemasParameterSchemasParameterSchemas]` An operation schema object containing a response. - `parameters: Optional[List[object]]` An array containing the learned parameter schemas. - `responses: Optional[object]` An empty response object. This field is required to yield a valid operation schema. - `class FeaturesAPIShieldOperationFeatureAPIRouting: …` - `api_routing: Optional[FeaturesAPIShieldOperationFeatureAPIRoutingAPIRouting]` API Routing settings on endpoint. - `last_updated: Optional[datetime]` - `route: Optional[str]` Target route. - `class FeaturesAPIShieldOperationFeatureConfidenceIntervals: …` - `confidence_intervals: Optional[FeaturesAPIShieldOperationFeatureConfidenceIntervalsConfidenceIntervals]` - `last_updated: Optional[datetime]` - `suggested_threshold: Optional[FeaturesAPIShieldOperationFeatureConfidenceIntervalsConfidenceIntervalsSuggestedThreshold]` - `confidence_intervals: Optional[FeaturesAPIShieldOperationFeatureConfidenceIntervalsConfidenceIntervalsSuggestedThresholdConfidenceIntervals]` - `p90: Optional[FeaturesAPIShieldOperationFeatureConfidenceIntervalsConfidenceIntervalsSuggestedThresholdConfidenceIntervalsP90]` Upper and lower bound for percentile estimate - `lower: Optional[float]` Lower bound for percentile estimate - `upper: Optional[float]` Upper bound for percentile estimate - `p95: Optional[FeaturesAPIShieldOperationFeatureConfidenceIntervalsConfidenceIntervalsSuggestedThresholdConfidenceIntervalsP95]` Upper and lower bound for percentile estimate - `lower: Optional[float]` Lower bound for percentile estimate - `upper: Optional[float]` Upper bound for percentile estimate - `p99: Optional[FeaturesAPIShieldOperationFeatureConfidenceIntervalsConfidenceIntervalsSuggestedThresholdConfidenceIntervalsP99]` Upper and lower bound for percentile estimate - `lower: Optional[float]` Lower bound for percentile estimate - `upper: Optional[float]` Upper bound for percentile estimate - `mean: Optional[float]` Suggested threshold. - `class FeaturesAPIShieldOperationFeatureSchemaInfo: …` - `schema_info: Optional[FeaturesAPIShieldOperationFeatureSchemaInfoSchemaInfo]` - `active_schema: Optional[FeaturesAPIShieldOperationFeatureSchemaInfoSchemaInfoActiveSchema]` Schema active on endpoint. - `id: Optional[str]` UUID. - `created_at: Optional[datetime]` - `is_learned: Optional[bool]` True if schema is Cloudflare-provided. - `name: Optional[str]` Schema file name. - `learned_available: Optional[bool]` True if a Cloudflare-provided learned schema is available for this endpoint. - `mitigation_action: Optional[Literal["none", "log", "block"]]` Action taken on requests failing validation. - `"none"` - `"log"` - `"block"` ### Operation Bulk Delete Response - `class OperationBulkDeleteResponse: …` - `errors: Message` - `code: int` - `message: str` - `documentation_url: Optional[str]` - `source: Optional[MessageItemSource]` - `pointer: Optional[str]` - `messages: Message` - `success: Literal[true]` Whether the API call was successful. - `true` # Labels ## Replace label(s) on an operation in endpoint management `api_gateway.operations.labels.update(stroperation_id, LabelUpdateParams**kwargs) -> LabelUpdateResponse` **put** `/zones/{zone_id}/api_gateway/operations/{operation_id}/labels` Replace label(s) on an operation in endpoint management ### Parameters - `zone_id: str` Identifier. - `operation_id: str` UUID. - `managed: Optional[SequenceNotStr[str]]` List of managed label names. Omitting this property or passing an empty array will result in all managed labels being removed from the operation - `user: Optional[SequenceNotStr[str]]` List of user label names. Omitting this property or passing an empty array will result in all user labels being removed from the operation ### Returns - `class LabelUpdateResponse: …` - `endpoint: str` The endpoint which can contain path parameter templates in curly braces, each will be replaced from left to right with {varN}, starting with {var1}, during insertion. This will further be Cloudflare-normalized upon insertion. See: https://developers.cloudflare.com/rules/normalization/how-it-works/. - `host: str` RFC3986-compliant host. - `last_updated: datetime` - `method: Literal["GET", "POST", "HEAD", 6 more]` The HTTP method used to access the endpoint. - `"GET"` - `"POST"` - `"HEAD"` - `"OPTIONS"` - `"PUT"` - `"DELETE"` - `"CONNECT"` - `"PATCH"` - `"TRACE"` - `operation_id: str` UUID. - `labels: Optional[List[Label]]` - `created_at: datetime` - `description: str` The description of the label - `last_updated: datetime` - `metadata: object` Metadata for the label - `name: str` The name of the label - `source: Literal["user", "managed"]` * `user` - label is owned by the user * `managed` - label is owned by cloudflare - `"user"` - `"managed"` ### Example ```python import os from cloudflare import Cloudflare client = Cloudflare( api_token=os.environ.get("CLOUDFLARE_API_TOKEN"), # This is the default and can be omitted ) label = client.api_gateway.operations.labels.update( operation_id="f174e90a-fafe-4643-bbbc-4a0ed4fc8415", zone_id="023e105f4ecef8ad9ca31a8372d0c353", ) print(label.operation_id) ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "result": { "endpoint": "/api/v1/users/{var1}", "host": "www.example.com", "last_updated": "2014-01-01T05:20:00.12345Z", "method": "GET", "operation_id": "f174e90a-fafe-4643-bbbc-4a0ed4fc8415", "labels": [ { "created_at": "2014-01-01T05:20:00.12345Z", "description": "All endpoints that deal with logins", "last_updated": "2014-01-01T05:20:00.12345Z", "metadata": { "foo": "bar" }, "name": "login", "source": "user" } ] }, "success": true } ``` ## Attach label(s) on an operation in endpoint management `api_gateway.operations.labels.create(stroperation_id, LabelCreateParams**kwargs) -> LabelCreateResponse` **post** `/zones/{zone_id}/api_gateway/operations/{operation_id}/labels` Attach label(s) on an operation in endpoint management ### Parameters - `zone_id: str` Identifier. - `operation_id: str` UUID. - `managed: Optional[SequenceNotStr[str]]` List of managed label names. - `user: Optional[SequenceNotStr[str]]` List of user label names. ### Returns - `class LabelCreateResponse: …` - `endpoint: str` The endpoint which can contain path parameter templates in curly braces, each will be replaced from left to right with {varN}, starting with {var1}, during insertion. This will further be Cloudflare-normalized upon insertion. See: https://developers.cloudflare.com/rules/normalization/how-it-works/. - `host: str` RFC3986-compliant host. - `last_updated: datetime` - `method: Literal["GET", "POST", "HEAD", 6 more]` The HTTP method used to access the endpoint. - `"GET"` - `"POST"` - `"HEAD"` - `"OPTIONS"` - `"PUT"` - `"DELETE"` - `"CONNECT"` - `"PATCH"` - `"TRACE"` - `operation_id: str` UUID. - `labels: Optional[List[Label]]` - `created_at: datetime` - `description: str` The description of the label - `last_updated: datetime` - `metadata: object` Metadata for the label - `name: str` The name of the label - `source: Literal["user", "managed"]` * `user` - label is owned by the user * `managed` - label is owned by cloudflare - `"user"` - `"managed"` ### Example ```python import os from cloudflare import Cloudflare client = Cloudflare( api_token=os.environ.get("CLOUDFLARE_API_TOKEN"), # This is the default and can be omitted ) label = client.api_gateway.operations.labels.create( operation_id="f174e90a-fafe-4643-bbbc-4a0ed4fc8415", zone_id="023e105f4ecef8ad9ca31a8372d0c353", ) print(label.operation_id) ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "result": { "endpoint": "/api/v1/users/{var1}", "host": "www.example.com", "last_updated": "2014-01-01T05:20:00.12345Z", "method": "GET", "operation_id": "f174e90a-fafe-4643-bbbc-4a0ed4fc8415", "labels": [ { "created_at": "2014-01-01T05:20:00.12345Z", "description": "All endpoints that deal with logins", "last_updated": "2014-01-01T05:20:00.12345Z", "metadata": { "foo": "bar" }, "name": "login", "source": "user" } ] }, "success": true } ``` ## Remove label(s) on an operation in endpoint management `api_gateway.operations.labels.delete(stroperation_id, LabelDeleteParams**kwargs) -> LabelDeleteResponse` **delete** `/zones/{zone_id}/api_gateway/operations/{operation_id}/labels` Remove label(s) on an operation in endpoint management ### Parameters - `zone_id: str` Identifier. - `operation_id: str` UUID. ### Returns - `class LabelDeleteResponse: …` - `endpoint: str` The endpoint which can contain path parameter templates in curly braces, each will be replaced from left to right with {varN}, starting with {var1}, during insertion. This will further be Cloudflare-normalized upon insertion. See: https://developers.cloudflare.com/rules/normalization/how-it-works/. - `host: str` RFC3986-compliant host. - `last_updated: datetime` - `method: Literal["GET", "POST", "HEAD", 6 more]` The HTTP method used to access the endpoint. - `"GET"` - `"POST"` - `"HEAD"` - `"OPTIONS"` - `"PUT"` - `"DELETE"` - `"CONNECT"` - `"PATCH"` - `"TRACE"` - `operation_id: str` UUID. - `labels: Optional[List[Label]]` - `created_at: datetime` - `description: str` The description of the label - `last_updated: datetime` - `metadata: object` Metadata for the label - `name: str` The name of the label - `source: Literal["user", "managed"]` * `user` - label is owned by the user * `managed` - label is owned by cloudflare - `"user"` - `"managed"` ### Example ```python import os from cloudflare import Cloudflare client = Cloudflare( api_token=os.environ.get("CLOUDFLARE_API_TOKEN"), # This is the default and can be omitted ) label = client.api_gateway.operations.labels.delete( operation_id="f174e90a-fafe-4643-bbbc-4a0ed4fc8415", zone_id="023e105f4ecef8ad9ca31a8372d0c353", ) print(label.operation_id) ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "result": { "endpoint": "/api/v1/users/{var1}", "host": "www.example.com", "last_updated": "2014-01-01T05:20:00.12345Z", "method": "GET", "operation_id": "f174e90a-fafe-4643-bbbc-4a0ed4fc8415", "labels": [ { "created_at": "2014-01-01T05:20:00.12345Z", "description": "All endpoints that deal with logins", "last_updated": "2014-01-01T05:20:00.12345Z", "metadata": { "foo": "bar" }, "name": "login", "source": "user" } ] }, "success": true } ``` ## Bulk replace label(s) on operation(s) in endpoint management `api_gateway.operations.labels.bulk_update(LabelBulkUpdateParams**kwargs) -> SyncSinglePage[LabelBulkUpdateResponse]` **put** `/zones/{zone_id}/api_gateway/operations/labels` Bulk replace label(s) on operation(s) in endpoint management ### Parameters - `zone_id: str` Identifier. - `managed: Managed` Managed labels to replace for all affected operations - `labels: SequenceNotStr[str]` List of managed label names. Providing an empty array will result in all managed labels being removed from all affected operations - `selector: Selector` Operation IDs selector - `include: SelectorInclude` - `operation_ids: SequenceNotStr[str]` - `user: User` User labels to replace for all affected operations - `labels: SequenceNotStr[str]` List of user label names. Providing an empty array will result in all user labels being removed from all affected operations ### Returns - `class LabelBulkUpdateResponse: …` - `endpoint: str` The endpoint which can contain path parameter templates in curly braces, each will be replaced from left to right with {varN}, starting with {var1}, during insertion. This will further be Cloudflare-normalized upon insertion. See: https://developers.cloudflare.com/rules/normalization/how-it-works/. - `host: str` RFC3986-compliant host. - `last_updated: datetime` - `method: Literal["GET", "POST", "HEAD", 6 more]` The HTTP method used to access the endpoint. - `"GET"` - `"POST"` - `"HEAD"` - `"OPTIONS"` - `"PUT"` - `"DELETE"` - `"CONNECT"` - `"PATCH"` - `"TRACE"` - `operation_id: str` UUID. - `labels: Optional[List[Label]]` - `created_at: datetime` - `description: str` The description of the label - `last_updated: datetime` - `metadata: object` Metadata for the label - `name: str` The name of the label - `source: Literal["user", "managed"]` * `user` - label is owned by the user * `managed` - label is owned by cloudflare - `"user"` - `"managed"` ### Example ```python import os from cloudflare import Cloudflare client = Cloudflare( api_token=os.environ.get("CLOUDFLARE_API_TOKEN"), # This is the default and can be omitted ) page = client.api_gateway.operations.labels.bulk_update( zone_id="023e105f4ecef8ad9ca31a8372d0c353", managed={ "labels": ["login"] }, selector={ "include": { "operation_ids": ["f174e90a-fafe-4643-bbbc-4a0ed4fc8415"] } }, user={ "labels": ["login"] }, ) page = page.result[0] print(page.operation_id) ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "result": [ { "endpoint": "/api/v1/users/{var1}", "host": "www.example.com", "last_updated": "2014-01-01T05:20:00.12345Z", "method": "GET", "operation_id": "f174e90a-fafe-4643-bbbc-4a0ed4fc8415", "labels": [ { "created_at": "2014-01-01T05:20:00.12345Z", "description": "All endpoints that deal with logins", "last_updated": "2014-01-01T05:20:00.12345Z", "metadata": { "foo": "bar" }, "name": "login", "source": "user" } ] } ], "success": true } ``` ## Bulk attach label(s) on operation(s) in endpoint management `api_gateway.operations.labels.bulk_create(LabelBulkCreateParams**kwargs) -> SyncSinglePage[LabelBulkCreateResponse]` **post** `/zones/{zone_id}/api_gateway/operations/labels` Bulk attach label(s) on operation(s) in endpoint management ### Parameters - `zone_id: str` Identifier. - `selector: Selector` Operation IDs selector - `include: SelectorInclude` - `operation_ids: SequenceNotStr[str]` - `managed: Optional[Managed]` - `labels: Optional[SequenceNotStr[str]]` List of managed label names. - `user: Optional[User]` - `labels: Optional[SequenceNotStr[str]]` List of user label names. ### Returns - `class LabelBulkCreateResponse: …` - `endpoint: str` The endpoint which can contain path parameter templates in curly braces, each will be replaced from left to right with {varN}, starting with {var1}, during insertion. This will further be Cloudflare-normalized upon insertion. See: https://developers.cloudflare.com/rules/normalization/how-it-works/. - `host: str` RFC3986-compliant host. - `last_updated: datetime` - `method: Literal["GET", "POST", "HEAD", 6 more]` The HTTP method used to access the endpoint. - `"GET"` - `"POST"` - `"HEAD"` - `"OPTIONS"` - `"PUT"` - `"DELETE"` - `"CONNECT"` - `"PATCH"` - `"TRACE"` - `operation_id: str` UUID. - `labels: Optional[List[Label]]` - `created_at: datetime` - `description: str` The description of the label - `last_updated: datetime` - `metadata: object` Metadata for the label - `name: str` The name of the label - `source: Literal["user", "managed"]` * `user` - label is owned by the user * `managed` - label is owned by cloudflare - `"user"` - `"managed"` ### Example ```python import os from cloudflare import Cloudflare client = Cloudflare( api_token=os.environ.get("CLOUDFLARE_API_TOKEN"), # This is the default and can be omitted ) page = client.api_gateway.operations.labels.bulk_create( zone_id="023e105f4ecef8ad9ca31a8372d0c353", selector={ "include": { "operation_ids": ["f174e90a-fafe-4643-bbbc-4a0ed4fc8415"] } }, ) page = page.result[0] print(page.operation_id) ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "result": [ { "endpoint": "/api/v1/users/{var1}", "host": "www.example.com", "last_updated": "2014-01-01T05:20:00.12345Z", "method": "GET", "operation_id": "f174e90a-fafe-4643-bbbc-4a0ed4fc8415", "labels": [ { "created_at": "2014-01-01T05:20:00.12345Z", "description": "All endpoints that deal with logins", "last_updated": "2014-01-01T05:20:00.12345Z", "metadata": { "foo": "bar" }, "name": "login", "source": "user" } ] } ], "success": true } ``` ## Bulk remove label(s) on operation(s) in endpoint management `api_gateway.operations.labels.bulk_delete(LabelBulkDeleteParams**kwargs) -> SyncSinglePage[LabelBulkDeleteResponse]` **delete** `/zones/{zone_id}/api_gateway/operations/labels` Bulk remove label(s) on operation(s) in endpoint management ### Parameters - `zone_id: str` Identifier. ### Returns - `class LabelBulkDeleteResponse: …` - `endpoint: str` The endpoint which can contain path parameter templates in curly braces, each will be replaced from left to right with {varN}, starting with {var1}, during insertion. This will further be Cloudflare-normalized upon insertion. See: https://developers.cloudflare.com/rules/normalization/how-it-works/. - `host: str` RFC3986-compliant host. - `last_updated: datetime` - `method: Literal["GET", "POST", "HEAD", 6 more]` The HTTP method used to access the endpoint. - `"GET"` - `"POST"` - `"HEAD"` - `"OPTIONS"` - `"PUT"` - `"DELETE"` - `"CONNECT"` - `"PATCH"` - `"TRACE"` - `operation_id: str` UUID. - `labels: Optional[List[Label]]` - `created_at: datetime` - `description: str` The description of the label - `last_updated: datetime` - `metadata: object` Metadata for the label - `name: str` The name of the label - `source: Literal["user", "managed"]` * `user` - label is owned by the user * `managed` - label is owned by cloudflare - `"user"` - `"managed"` ### Example ```python import os from cloudflare import Cloudflare client = Cloudflare( api_token=os.environ.get("CLOUDFLARE_API_TOKEN"), # This is the default and can be omitted ) page = client.api_gateway.operations.labels.bulk_delete( zone_id="023e105f4ecef8ad9ca31a8372d0c353", ) page = page.result[0] print(page.operation_id) ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "result": [ { "endpoint": "/api/v1/users/{var1}", "host": "www.example.com", "last_updated": "2014-01-01T05:20:00.12345Z", "method": "GET", "operation_id": "f174e90a-fafe-4643-bbbc-4a0ed4fc8415", "labels": [ { "created_at": "2014-01-01T05:20:00.12345Z", "description": "All endpoints that deal with logins", "last_updated": "2014-01-01T05:20:00.12345Z", "metadata": { "foo": "bar" }, "name": "login", "source": "user" } ] } ], "success": true } ``` ## Domain Types ### Label Update Response - `class LabelUpdateResponse: …` - `endpoint: str` The endpoint which can contain path parameter templates in curly braces, each will be replaced from left to right with {varN}, starting with {var1}, during insertion. This will further be Cloudflare-normalized upon insertion. See: https://developers.cloudflare.com/rules/normalization/how-it-works/. - `host: str` RFC3986-compliant host. - `last_updated: datetime` - `method: Literal["GET", "POST", "HEAD", 6 more]` The HTTP method used to access the endpoint. - `"GET"` - `"POST"` - `"HEAD"` - `"OPTIONS"` - `"PUT"` - `"DELETE"` - `"CONNECT"` - `"PATCH"` - `"TRACE"` - `operation_id: str` UUID. - `labels: Optional[List[Label]]` - `created_at: datetime` - `description: str` The description of the label - `last_updated: datetime` - `metadata: object` Metadata for the label - `name: str` The name of the label - `source: Literal["user", "managed"]` * `user` - label is owned by the user * `managed` - label is owned by cloudflare - `"user"` - `"managed"` ### Label Create Response - `class LabelCreateResponse: …` - `endpoint: str` The endpoint which can contain path parameter templates in curly braces, each will be replaced from left to right with {varN}, starting with {var1}, during insertion. This will further be Cloudflare-normalized upon insertion. See: https://developers.cloudflare.com/rules/normalization/how-it-works/. - `host: str` RFC3986-compliant host. - `last_updated: datetime` - `method: Literal["GET", "POST", "HEAD", 6 more]` The HTTP method used to access the endpoint. - `"GET"` - `"POST"` - `"HEAD"` - `"OPTIONS"` - `"PUT"` - `"DELETE"` - `"CONNECT"` - `"PATCH"` - `"TRACE"` - `operation_id: str` UUID. - `labels: Optional[List[Label]]` - `created_at: datetime` - `description: str` The description of the label - `last_updated: datetime` - `metadata: object` Metadata for the label - `name: str` The name of the label - `source: Literal["user", "managed"]` * `user` - label is owned by the user * `managed` - label is owned by cloudflare - `"user"` - `"managed"` ### Label Delete Response - `class LabelDeleteResponse: …` - `endpoint: str` The endpoint which can contain path parameter templates in curly braces, each will be replaced from left to right with {varN}, starting with {var1}, during insertion. This will further be Cloudflare-normalized upon insertion. See: https://developers.cloudflare.com/rules/normalization/how-it-works/. - `host: str` RFC3986-compliant host. - `last_updated: datetime` - `method: Literal["GET", "POST", "HEAD", 6 more]` The HTTP method used to access the endpoint. - `"GET"` - `"POST"` - `"HEAD"` - `"OPTIONS"` - `"PUT"` - `"DELETE"` - `"CONNECT"` - `"PATCH"` - `"TRACE"` - `operation_id: str` UUID. - `labels: Optional[List[Label]]` - `created_at: datetime` - `description: str` The description of the label - `last_updated: datetime` - `metadata: object` Metadata for the label - `name: str` The name of the label - `source: Literal["user", "managed"]` * `user` - label is owned by the user * `managed` - label is owned by cloudflare - `"user"` - `"managed"` ### Label Bulk Update Response - `class LabelBulkUpdateResponse: …` - `endpoint: str` The endpoint which can contain path parameter templates in curly braces, each will be replaced from left to right with {varN}, starting with {var1}, during insertion. This will further be Cloudflare-normalized upon insertion. See: https://developers.cloudflare.com/rules/normalization/how-it-works/. - `host: str` RFC3986-compliant host. - `last_updated: datetime` - `method: Literal["GET", "POST", "HEAD", 6 more]` The HTTP method used to access the endpoint. - `"GET"` - `"POST"` - `"HEAD"` - `"OPTIONS"` - `"PUT"` - `"DELETE"` - `"CONNECT"` - `"PATCH"` - `"TRACE"` - `operation_id: str` UUID. - `labels: Optional[List[Label]]` - `created_at: datetime` - `description: str` The description of the label - `last_updated: datetime` - `metadata: object` Metadata for the label - `name: str` The name of the label - `source: Literal["user", "managed"]` * `user` - label is owned by the user * `managed` - label is owned by cloudflare - `"user"` - `"managed"` ### Label Bulk Create Response - `class LabelBulkCreateResponse: …` - `endpoint: str` The endpoint which can contain path parameter templates in curly braces, each will be replaced from left to right with {varN}, starting with {var1}, during insertion. This will further be Cloudflare-normalized upon insertion. See: https://developers.cloudflare.com/rules/normalization/how-it-works/. - `host: str` RFC3986-compliant host. - `last_updated: datetime` - `method: Literal["GET", "POST", "HEAD", 6 more]` The HTTP method used to access the endpoint. - `"GET"` - `"POST"` - `"HEAD"` - `"OPTIONS"` - `"PUT"` - `"DELETE"` - `"CONNECT"` - `"PATCH"` - `"TRACE"` - `operation_id: str` UUID. - `labels: Optional[List[Label]]` - `created_at: datetime` - `description: str` The description of the label - `last_updated: datetime` - `metadata: object` Metadata for the label - `name: str` The name of the label - `source: Literal["user", "managed"]` * `user` - label is owned by the user * `managed` - label is owned by cloudflare - `"user"` - `"managed"` ### Label Bulk Delete Response - `class LabelBulkDeleteResponse: …` - `endpoint: str` The endpoint which can contain path parameter templates in curly braces, each will be replaced from left to right with {varN}, starting with {var1}, during insertion. This will further be Cloudflare-normalized upon insertion. See: https://developers.cloudflare.com/rules/normalization/how-it-works/. - `host: str` RFC3986-compliant host. - `last_updated: datetime` - `method: Literal["GET", "POST", "HEAD", 6 more]` The HTTP method used to access the endpoint. - `"GET"` - `"POST"` - `"HEAD"` - `"OPTIONS"` - `"PUT"` - `"DELETE"` - `"CONNECT"` - `"PATCH"` - `"TRACE"` - `operation_id: str` UUID. - `labels: Optional[List[Label]]` - `created_at: datetime` - `description: str` The description of the label - `last_updated: datetime` - `metadata: object` Metadata for the label - `name: str` The name of the label - `source: Literal["user", "managed"]` * `user` - label is owned by the user * `managed` - label is owned by cloudflare - `"user"` - `"managed"` # Schema Validation ## Retrieve operation-level schema validation settings `api_gateway.operations.schema_validation.get(stroperation_id, SchemaValidationGetParams**kwargs) -> SchemaValidationGetResponse` **get** `/zones/{zone_id}/api_gateway/operations/{operation_id}/schema_validation` Retrieves operation-level schema validation settings on the zone ### Parameters - `zone_id: str` Identifier. - `operation_id: str` UUID. ### Returns - `class SchemaValidationGetResponse: …` - `mitigation_action: Optional[Literal["log", "block", "none"]]` When set, this applies a mitigation action to this operation - `log` log request when request does not conform to schema for this operation - `block` deny access to the site when request does not conform to schema for this operation - `none` will skip mitigation for this operation - `null` indicates that no operation level mitigation is in place, see Zone Level Schema Validation Settings for mitigation action that will be applied - `"log"` - `"block"` - `"none"` - `operation_id: Optional[str]` UUID. ### Example ```python import os from cloudflare import Cloudflare client = Cloudflare( api_token=os.environ.get("CLOUDFLARE_API_TOKEN"), # This is the default and can be omitted ) schema_validation = client.api_gateway.operations.schema_validation.get( operation_id="f174e90a-fafe-4643-bbbc-4a0ed4fc8415", zone_id="023e105f4ecef8ad9ca31a8372d0c353", ) print(schema_validation.operation_id) ``` #### Response ```json { "mitigation_action": "block", "operation_id": "f174e90a-fafe-4643-bbbc-4a0ed4fc8415" } ``` ## Update operation-level schema validation settings `api_gateway.operations.schema_validation.update(stroperation_id, SchemaValidationUpdateParams**kwargs) -> SchemaValidationUpdateResponse` **put** `/zones/{zone_id}/api_gateway/operations/{operation_id}/schema_validation` Updates operation-level schema validation settings on the zone ### Parameters - `zone_id: str` Identifier. - `operation_id: str` UUID. - `mitigation_action: Optional[Literal["log", "block", "none"]]` When set, this applies a mitigation action to this operation - `log` log request when request does not conform to schema for this operation - `block` deny access to the site when request does not conform to schema for this operation - `none` will skip mitigation for this operation - `null` indicates that no operation level mitigation is in place, see Zone Level Schema Validation Settings for mitigation action that will be applied - `"log"` - `"block"` - `"none"` ### Returns - `class SchemaValidationUpdateResponse: …` - `mitigation_action: Optional[Literal["log", "block", "none"]]` When set, this applies a mitigation action to this operation - `log` log request when request does not conform to schema for this operation - `block` deny access to the site when request does not conform to schema for this operation - `none` will skip mitigation for this operation - `null` indicates that no operation level mitigation is in place, see Zone Level Schema Validation Settings for mitigation action that will be applied - `"log"` - `"block"` - `"none"` - `operation_id: Optional[str]` UUID. ### Example ```python import os from cloudflare import Cloudflare client = Cloudflare( api_token=os.environ.get("CLOUDFLARE_API_TOKEN"), # This is the default and can be omitted ) schema_validation = client.api_gateway.operations.schema_validation.update( operation_id="f174e90a-fafe-4643-bbbc-4a0ed4fc8415", zone_id="023e105f4ecef8ad9ca31a8372d0c353", ) print(schema_validation.operation_id) ``` #### Response ```json { "mitigation_action": "block", "operation_id": "f174e90a-fafe-4643-bbbc-4a0ed4fc8415" } ``` ## Update multiple operation-level schema validation settings `api_gateway.operations.schema_validation.edit(SchemaValidationEditParams**kwargs) -> SettingsMultipleRequest` **patch** `/zones/{zone_id}/api_gateway/operations/schema_validation` Updates multiple operation-level schema validation settings on the zone ### Parameters - `zone_id: str` Identifier. - `settings_multiple_request: SettingsMultipleRequestParam` - `mitigation_action: Optional[Literal["log", "block", "none"]]` When set, this applies a mitigation action to this operation - `log` log request when request does not conform to schema for this operation - `block` deny access to the site when request does not conform to schema for this operation - `none` will skip mitigation for this operation - `null` indicates that no operation level mitigation is in place, see Zone Level Schema Validation Settings for mitigation action that will be applied - `"log"` - `"block"` - `"none"` ### Returns - `Dict[str, SettingsMultipleRequestItem]` - `mitigation_action: Optional[Literal["log", "block", "none"]]` When set, this applies a mitigation action to this operation - `log` log request when request does not conform to schema for this operation - `block` deny access to the site when request does not conform to schema for this operation - `none` will skip mitigation for this operation - `null` indicates that no operation level mitigation is in place, see Zone Level Schema Validation Settings for mitigation action that will be applied - `"log"` - `"block"` - `"none"` ### Example ```python import os from cloudflare import Cloudflare client = Cloudflare( api_token=os.environ.get("CLOUDFLARE_API_TOKEN"), # This is the default and can be omitted ) settings_multiple_request = client.api_gateway.operations.schema_validation.edit( zone_id="023e105f4ecef8ad9ca31a8372d0c353", settings_multiple_request={ "3818d821-5901-4147-a474-f5f5aec1d54e": {}, "b17c8043-99a0-4202-b7d9-8f7cdbee02cd": {}, }, ) print(settings_multiple_request) ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "result": { "3818d821-5901-4147-a474-f5f5aec1d54e": { "mitigation_action": "log" }, "b17c8043-99a0-4202-b7d9-8f7cdbee02cd": { "mitigation_action": "block" } }, "success": true } ``` ## Domain Types ### Settings Multiple Request - `Dict[str, SettingsMultipleRequestItem]` - `mitigation_action: Optional[Literal["log", "block", "none"]]` When set, this applies a mitigation action to this operation - `log` log request when request does not conform to schema for this operation - `block` deny access to the site when request does not conform to schema for this operation - `none` will skip mitigation for this operation - `null` indicates that no operation level mitigation is in place, see Zone Level Schema Validation Settings for mitigation action that will be applied - `"log"` - `"block"` - `"none"` ### Schema Validation Get Response - `class SchemaValidationGetResponse: …` - `mitigation_action: Optional[Literal["log", "block", "none"]]` When set, this applies a mitigation action to this operation - `log` log request when request does not conform to schema for this operation - `block` deny access to the site when request does not conform to schema for this operation - `none` will skip mitigation for this operation - `null` indicates that no operation level mitigation is in place, see Zone Level Schema Validation Settings for mitigation action that will be applied - `"log"` - `"block"` - `"none"` - `operation_id: Optional[str]` UUID. ### Schema Validation Update Response - `class SchemaValidationUpdateResponse: …` - `mitigation_action: Optional[Literal["log", "block", "none"]]` When set, this applies a mitigation action to this operation - `log` log request when request does not conform to schema for this operation - `block` deny access to the site when request does not conform to schema for this operation - `none` will skip mitigation for this operation - `null` indicates that no operation level mitigation is in place, see Zone Level Schema Validation Settings for mitigation action that will be applied - `"log"` - `"block"` - `"none"` - `operation_id: Optional[str]` UUID. # Schemas ## Retrieve operations and features as OpenAPI schemas `api_gateway.schemas.list(SchemaListParams**kwargs) -> SchemaListResponse` **get** `/zones/{zone_id}/api_gateway/schemas` Retrieve operations and features as OpenAPI schemas ### Parameters - `zone_id: str` Identifier. - `feature: Optional[List[Literal["thresholds", "parameter_schemas", "schema_info"]]]` Add feature(s) to the results. The feature name that is given here corresponds to the resulting feature object. Have a look at the top-level object description for more details on the specific meaning. - `"thresholds"` - `"parameter_schemas"` - `"schema_info"` - `host: Optional[SequenceNotStr[str]]` Receive schema only for the given host(s). ### Returns - `class SchemaListResponse: …` - `schemas: Optional[List[object]]` - `timestamp: Optional[str]` ### Example ```python import os from cloudflare import Cloudflare client = Cloudflare( api_token=os.environ.get("CLOUDFLARE_API_TOKEN"), # This is the default and can be omitted ) schemas = client.api_gateway.schemas.list( zone_id="023e105f4ecef8ad9ca31a8372d0c353", ) print(schemas.schemas) ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "result": { "schemas": [ { "info": { "title": "OpenAPI JSON schema for www.example.com", "version": "1.0" }, "openapi": "3.0.0", "paths": { "... Further paths ...": {}, "/api/v1/users/{var1}": { "get": { "parameters": [ { "in": "path", "name": "var1", "required": true, "schema": { "type": "string" } } ] } } }, "servers": [ { "url": "www.example.com" } ] } ], "timestamp": "timestamp" }, "success": true } ``` ## Domain Types ### Schema List Response - `class SchemaListResponse: …` - `schemas: Optional[List[object]]` - `timestamp: Optional[str]` # Settings ## Domain Types ### Settings - `class Settings: …` - `validation_default_mitigation_action: Optional[Literal["none", "log", "block"]]` The default mitigation action used when there is no mitigation action defined on the operation Mitigation actions are as follows: * `log` - log request when request does not conform to schema * `block` - deny access to the site when request does not conform to schema A special value of of `none` will skip running schema validation entirely for the request when there is no mitigation action defined on the operation - `"none"` - `"log"` - `"block"` - `validation_override_mitigation_action: Optional[Literal["none"]]` When set, this overrides both zone level and operation level mitigation actions. - `none` will skip running schema validation entirely for the request - `null` indicates that no override is in place - `"none"` # Schema Validation ## Retrieve zone level schema validation settings `api_gateway.settings.schema_validation.get(SchemaValidationGetParams**kwargs) -> Settings` **get** `/zones/{zone_id}/api_gateway/settings/schema_validation` Retrieves zone level schema validation settings currently set on the zone ### Parameters - `zone_id: str` Identifier. ### Returns - `class Settings: …` - `validation_default_mitigation_action: Optional[Literal["none", "log", "block"]]` The default mitigation action used when there is no mitigation action defined on the operation Mitigation actions are as follows: * `log` - log request when request does not conform to schema * `block` - deny access to the site when request does not conform to schema A special value of of `none` will skip running schema validation entirely for the request when there is no mitigation action defined on the operation - `"none"` - `"log"` - `"block"` - `validation_override_mitigation_action: Optional[Literal["none"]]` When set, this overrides both zone level and operation level mitigation actions. - `none` will skip running schema validation entirely for the request - `null` indicates that no override is in place - `"none"` ### Example ```python import os from cloudflare import Cloudflare client = Cloudflare( api_token=os.environ.get("CLOUDFLARE_API_TOKEN"), # This is the default and can be omitted ) settings = client.api_gateway.settings.schema_validation.get( zone_id="023e105f4ecef8ad9ca31a8372d0c353", ) print(settings.validation_default_mitigation_action) ``` #### Response ```json { "validation_default_mitigation_action": "block", "validation_override_mitigation_action": "none" } ``` ## Update zone level schema validation settings `api_gateway.settings.schema_validation.update(SchemaValidationUpdateParams**kwargs) -> Settings` **put** `/zones/{zone_id}/api_gateway/settings/schema_validation` Updates zone level schema validation settings on the zone ### Parameters - `zone_id: str` Identifier. - `validation_default_mitigation_action: Literal["none", "log", "block"]` The default mitigation action used when there is no mitigation action defined on the operation Mitigation actions are as follows: * `log` - log request when request does not conform to schema * `block` - deny access to the site when request does not conform to schema A special value of of `none` will skip running schema validation entirely for the request when there is no mitigation action defined on the operation - `"none"` - `"log"` - `"block"` - `validation_override_mitigation_action: Optional[Literal["none", "disable_override"]]` When set, this overrides both zone level and operation level mitigation actions. - `none` will skip running schema validation entirely for the request - `null` indicates that no override is in place To clear any override, use the special value `disable_override` or `null` - `"none"` - `"disable_override"` ### Returns - `class Settings: …` - `validation_default_mitigation_action: Optional[Literal["none", "log", "block"]]` The default mitigation action used when there is no mitigation action defined on the operation Mitigation actions are as follows: * `log` - log request when request does not conform to schema * `block` - deny access to the site when request does not conform to schema A special value of of `none` will skip running schema validation entirely for the request when there is no mitigation action defined on the operation - `"none"` - `"log"` - `"block"` - `validation_override_mitigation_action: Optional[Literal["none"]]` When set, this overrides both zone level and operation level mitigation actions. - `none` will skip running schema validation entirely for the request - `null` indicates that no override is in place - `"none"` ### Example ```python import os from cloudflare import Cloudflare client = Cloudflare( api_token=os.environ.get("CLOUDFLARE_API_TOKEN"), # This is the default and can be omitted ) settings = client.api_gateway.settings.schema_validation.update( zone_id="023e105f4ecef8ad9ca31a8372d0c353", validation_default_mitigation_action="block", ) print(settings.validation_default_mitigation_action) ``` #### Response ```json { "validation_default_mitigation_action": "block", "validation_override_mitigation_action": "none" } ``` ## Update zone level schema validation settings `api_gateway.settings.schema_validation.edit(SchemaValidationEditParams**kwargs) -> Settings` **patch** `/zones/{zone_id}/api_gateway/settings/schema_validation` Updates zone level schema validation settings on the zone ### Parameters - `zone_id: str` Identifier. - `validation_default_mitigation_action: Optional[Literal["none", "log", "block"]]` The default mitigation action used when there is no mitigation action defined on the operation Mitigation actions are as follows: * `log` - log request when request does not conform to schema * `block` - deny access to the site when request does not conform to schema A special value of of `none` will skip running schema validation entirely for the request when there is no mitigation action defined on the operation `null` will have no effect. - `"none"` - `"log"` - `"block"` - `validation_override_mitigation_action: Optional[Literal["none", "disable_override"]]` When set, this overrides both zone level and operation level mitigation actions. - `none` will skip running schema validation entirely for the request To clear any override, use the special value `disable_override` `null` will have no effect. - `"none"` - `"disable_override"` ### Returns - `class Settings: …` - `validation_default_mitigation_action: Optional[Literal["none", "log", "block"]]` The default mitigation action used when there is no mitigation action defined on the operation Mitigation actions are as follows: * `log` - log request when request does not conform to schema * `block` - deny access to the site when request does not conform to schema A special value of of `none` will skip running schema validation entirely for the request when there is no mitigation action defined on the operation - `"none"` - `"log"` - `"block"` - `validation_override_mitigation_action: Optional[Literal["none"]]` When set, this overrides both zone level and operation level mitigation actions. - `none` will skip running schema validation entirely for the request - `null` indicates that no override is in place - `"none"` ### Example ```python import os from cloudflare import Cloudflare client = Cloudflare( api_token=os.environ.get("CLOUDFLARE_API_TOKEN"), # This is the default and can be omitted ) settings = client.api_gateway.settings.schema_validation.edit( zone_id="023e105f4ecef8ad9ca31a8372d0c353", ) print(settings.validation_default_mitigation_action) ``` #### Response ```json { "validation_default_mitigation_action": "block", "validation_override_mitigation_action": "none" } ``` # User Schemas ## Retrieve information about all schemas on a zone `api_gateway.user_schemas.list(UserSchemaListParams**kwargs) -> SyncV4PagePaginationArray[OldPublicSchema]` **get** `/zones/{zone_id}/api_gateway/user_schemas` Lists all OpenAPI schemas uploaded to API Shield for the zone, including their validation status and associated operations. ### Parameters - `zone_id: str` Identifier. - `omit_source: Optional[bool]` Omit the source-files of schemas and only retrieve their meta-data. - `page: Optional[int]` Page number of paginated results. - `per_page: Optional[int]` Maximum number of results per page. - `validation_enabled: Optional[bool]` Flag whether schema is enabled for validation. ### Returns - `class OldPublicSchema: …` - `created_at: datetime` - `kind: Literal["openapi_v3"]` Kind of schema - `"openapi_v3"` - `name: str` Name of the schema - `schema_id: str` UUID. - `source: Optional[str]` Source of the schema - `validation_enabled: Optional[bool]` Flag whether schema is enabled for validation. ### Example ```python import os from cloudflare import Cloudflare client = Cloudflare( api_token=os.environ.get("CLOUDFLARE_API_TOKEN"), # This is the default and can be omitted ) page = client.api_gateway.user_schemas.list( zone_id="023e105f4ecef8ad9ca31a8372d0c353", ) page = page.result[0] print(page.schema_id) ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "result": [ { "created_at": "2014-01-01T05:20:00.12345Z", "kind": "openapi_v3", "name": "petstore schema", "schema_id": "f174e90a-fafe-4643-bbbc-4a0ed4fc8415", "source": "", "validation_enabled": true } ], "success": true, "result_info": { "count": 1, "page": 1, "per_page": 20, "total_count": 2000, "total_pages": 100 } } ``` ## Retrieve information about a specific schema on a zone `api_gateway.user_schemas.get(strschema_id, UserSchemaGetParams**kwargs) -> OldPublicSchema` **get** `/zones/{zone_id}/api_gateway/user_schemas/{schema_id}` Gets detailed information about a specific uploaded OpenAPI schema, including its contents and validation configuration. ### Parameters - `zone_id: str` Identifier. - `schema_id: str` - `omit_source: Optional[bool]` Omit the source-files of schemas and only retrieve their meta-data. ### Returns - `class OldPublicSchema: …` - `created_at: datetime` - `kind: Literal["openapi_v3"]` Kind of schema - `"openapi_v3"` - `name: str` Name of the schema - `schema_id: str` UUID. - `source: Optional[str]` Source of the schema - `validation_enabled: Optional[bool]` Flag whether schema is enabled for validation. ### Example ```python import os from cloudflare import Cloudflare client = Cloudflare( api_token=os.environ.get("CLOUDFLARE_API_TOKEN"), # This is the default and can be omitted ) old_public_schema = client.api_gateway.user_schemas.get( schema_id="f174e90a-fafe-4643-bbbc-4a0ed4fc8415", zone_id="023e105f4ecef8ad9ca31a8372d0c353", ) print(old_public_schema.schema_id) ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "result": { "created_at": "2014-01-01T05:20:00.12345Z", "kind": "openapi_v3", "name": "petstore schema", "schema_id": "f174e90a-fafe-4643-bbbc-4a0ed4fc8415", "source": "", "validation_enabled": true }, "success": true } ``` ## Upload a schema to a zone `api_gateway.user_schemas.create(UserSchemaCreateParams**kwargs) -> UserSchemaCreateResponse` **post** `/zones/{zone_id}/api_gateway/user_schemas` Upload a schema to a zone ### Parameters - `zone_id: str` Identifier. - `file: FileTypes` Schema file bytes - `kind: Literal["openapi_v3"]` Kind of schema - `"openapi_v3"` - `name: Optional[str]` Name of the schema - `validation_enabled: Optional[Literal["true", "false"]]` Flag whether schema is enabled for validation. - `"true"` - `"false"` ### Returns - `class UserSchemaCreateResponse: …` - `schema: OldPublicSchema` - `created_at: datetime` - `kind: Literal["openapi_v3"]` Kind of schema - `"openapi_v3"` - `name: str` Name of the schema - `schema_id: str` UUID. - `source: Optional[str]` Source of the schema - `validation_enabled: Optional[bool]` Flag whether schema is enabled for validation. - `upload_details: Optional[UploadDetails]` - `warnings: Optional[List[UploadDetailsWarning]]` Diagnostic warning events that occurred during processing. These events are non-critical errors found within the schema. - `code: int` Code that identifies the event that occurred. - `locations: Optional[List[str]]` JSONPath location(s) in the schema where these events were encountered. See for JSONPath specification. - `message: Optional[str]` Diagnostic message that describes the event. ### Example ```python import os from cloudflare import Cloudflare client = Cloudflare( api_token=os.environ.get("CLOUDFLARE_API_TOKEN"), # This is the default and can be omitted ) user_schema = client.api_gateway.user_schemas.create( zone_id="023e105f4ecef8ad9ca31a8372d0c353", file=b"Example data", kind="openapi_v3", ) print(user_schema.schema) ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "result": { "schema": { "created_at": "2014-01-01T05:20:00.12345Z", "kind": "openapi_v3", "name": "petstore schema", "schema_id": "f174e90a-fafe-4643-bbbc-4a0ed4fc8415", "source": "", "validation_enabled": true }, "upload_details": { "warnings": [ { "code": 28, "locations": [ ".paths[\"/user/{username}\"].put" ], "message": "unsupported media type: application/octet-stream" } ] } }, "success": true } ``` ## Enable validation for a schema `api_gateway.user_schemas.edit(strschema_id, UserSchemaEditParams**kwargs) -> OldPublicSchema` **patch** `/zones/{zone_id}/api_gateway/user_schemas/{schema_id}` Activates schema validation for an uploaded OpenAPI schema. Requests to matching endpoints will be validated against the schema definitions. ### Parameters - `zone_id: str` Identifier. - `schema_id: str` - `validation_enabled: Optional[Literal[true]]` Flag whether schema is enabled for validation. - `true` ### Returns - `class OldPublicSchema: …` - `created_at: datetime` - `kind: Literal["openapi_v3"]` Kind of schema - `"openapi_v3"` - `name: str` Name of the schema - `schema_id: str` UUID. - `source: Optional[str]` Source of the schema - `validation_enabled: Optional[bool]` Flag whether schema is enabled for validation. ### Example ```python import os from cloudflare import Cloudflare client = Cloudflare( api_token=os.environ.get("CLOUDFLARE_API_TOKEN"), # This is the default and can be omitted ) old_public_schema = client.api_gateway.user_schemas.edit( schema_id="f174e90a-fafe-4643-bbbc-4a0ed4fc8415", zone_id="023e105f4ecef8ad9ca31a8372d0c353", ) print(old_public_schema.schema_id) ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "result": { "created_at": "2014-01-01T05:20:00.12345Z", "kind": "openapi_v3", "name": "petstore schema", "schema_id": "f174e90a-fafe-4643-bbbc-4a0ed4fc8415", "source": "", "validation_enabled": true }, "success": true } ``` ## Delete a schema `api_gateway.user_schemas.delete(strschema_id, UserSchemaDeleteParams**kwargs) -> UserSchemaDeleteResponse` **delete** `/zones/{zone_id}/api_gateway/user_schemas/{schema_id}` Permanently removes an uploaded OpenAPI schema from API Shield schema validation. Operations using this schema will lose their validation rules. ### Parameters - `zone_id: str` Identifier. - `schema_id: str` ### Returns - `class UserSchemaDeleteResponse: …` - `errors: Message` - `code: int` - `message: str` - `documentation_url: Optional[str]` - `source: Optional[MessageItemSource]` - `pointer: Optional[str]` - `messages: Message` - `success: Literal[true]` Whether the API call was successful. - `true` ### Example ```python import os from cloudflare import Cloudflare client = Cloudflare( api_token=os.environ.get("CLOUDFLARE_API_TOKEN"), # This is the default and can be omitted ) user_schema = client.api_gateway.user_schemas.delete( schema_id="f174e90a-fafe-4643-bbbc-4a0ed4fc8415", zone_id="023e105f4ecef8ad9ca31a8372d0c353", ) print(user_schema.errors) ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "success": true } ``` ## Domain Types ### Message - `List[MessageItem]` - `code: int` - `message: str` - `documentation_url: Optional[str]` - `source: Optional[MessageItemSource]` - `pointer: Optional[str]` ### Old Public Schema - `class OldPublicSchema: …` - `created_at: datetime` - `kind: Literal["openapi_v3"]` Kind of schema - `"openapi_v3"` - `name: str` Name of the schema - `schema_id: str` UUID. - `source: Optional[str]` Source of the schema - `validation_enabled: Optional[bool]` Flag whether schema is enabled for validation. ### User Schema Create Response - `class UserSchemaCreateResponse: …` - `schema: OldPublicSchema` - `created_at: datetime` - `kind: Literal["openapi_v3"]` Kind of schema - `"openapi_v3"` - `name: str` Name of the schema - `schema_id: str` UUID. - `source: Optional[str]` Source of the schema - `validation_enabled: Optional[bool]` Flag whether schema is enabled for validation. - `upload_details: Optional[UploadDetails]` - `warnings: Optional[List[UploadDetailsWarning]]` Diagnostic warning events that occurred during processing. These events are non-critical errors found within the schema. - `code: int` Code that identifies the event that occurred. - `locations: Optional[List[str]]` JSONPath location(s) in the schema where these events were encountered. See for JSONPath specification. - `message: Optional[str]` Diagnostic message that describes the event. ### User Schema Delete Response - `class UserSchemaDeleteResponse: …` - `errors: Message` - `code: int` - `message: str` - `documentation_url: Optional[str]` - `source: Optional[MessageItemSource]` - `pointer: Optional[str]` - `messages: Message` - `success: Literal[true]` Whether the API call was successful. - `true` # Operations ## Retrieve all operations from a schema. `api_gateway.user_schemas.operations.list(strschema_id, OperationListParams**kwargs) -> SyncV4PagePaginationArray[OperationListResponse]` **get** `/zones/{zone_id}/api_gateway/user_schemas/{schema_id}/operations` Retrieves all operations from the schema. Operations that already exist in API Shield Endpoint Management will be returned as full operations. ### Parameters - `zone_id: str` Identifier. - `schema_id: str` - `endpoint: Optional[str]` Filter results to only include endpoints containing this pattern. - `feature: Optional[List[Literal["thresholds", "parameter_schemas", "schema_info"]]]` Add feature(s) to the results. The feature name that is given here corresponds to the resulting feature object. Have a look at the top-level object description for more details on the specific meaning. - `"thresholds"` - `"parameter_schemas"` - `"schema_info"` - `host: Optional[SequenceNotStr[str]]` Filter results to only include the specified hosts. - `method: Optional[SequenceNotStr[str]]` Filter results to only include the specified HTTP methods. - `operation_status: Optional[Literal["new", "existing"]]` Filter results by whether operations exist in API Shield Endpoint Management or not. `new` will just return operations from the schema that do not exist in API Shield Endpoint Management. `existing` will just return operations from the schema that already exist in API Shield Endpoint Management. - `"new"` - `"existing"` - `page: Optional[int]` Page number of paginated results. - `per_page: Optional[int]` Maximum number of results per page. ### Returns - `OperationListResponse` - `class APIShieldOperation: …` - `endpoint: str` The endpoint which can contain path parameter templates in curly braces, each will be replaced from left to right with {varN}, starting with {var1}, during insertion. This will further be Cloudflare-normalized upon insertion. See: https://developers.cloudflare.com/rules/normalization/how-it-works/. - `host: str` RFC3986-compliant host. - `last_updated: datetime` - `method: Literal["GET", "POST", "HEAD", 6 more]` The HTTP method used to access the endpoint. - `"GET"` - `"POST"` - `"HEAD"` - `"OPTIONS"` - `"PUT"` - `"DELETE"` - `"CONNECT"` - `"PATCH"` - `"TRACE"` - `operation_id: str` UUID. - `features: Optional[APIShieldOperationFeatures]` - `class APIShieldOperationFeaturesAPIShieldOperationFeatureThresholds: …` - `thresholds: Optional[APIShieldOperationFeaturesAPIShieldOperationFeatureThresholdsThresholds]` - `auth_id_tokens: Optional[int]` The total number of auth-ids seen across this calculation. - `data_points: Optional[int]` The number of data points used for the threshold suggestion calculation. - `last_updated: Optional[datetime]` - `p50: Optional[int]` The p50 quantile of requests (in period_seconds). - `p90: Optional[int]` The p90 quantile of requests (in period_seconds). - `p99: Optional[int]` The p99 quantile of requests (in period_seconds). - `period_seconds: Optional[int]` The period over which this threshold is suggested. - `requests: Optional[int]` The estimated number of requests covered by these calculations. - `suggested_threshold: Optional[int]` The suggested threshold in requests done by the same auth_id or period_seconds. - `class APIShieldOperationFeaturesAPIShieldOperationFeatureParameterSchemas: …` - `parameter_schemas: APIShieldOperationFeaturesAPIShieldOperationFeatureParameterSchemasParameterSchemas` - `last_updated: Optional[datetime]` - `parameter_schemas: Optional[APIShieldOperationFeaturesAPIShieldOperationFeatureParameterSchemasParameterSchemasParameterSchemas]` An operation schema object containing a response. - `parameters: Optional[List[object]]` An array containing the learned parameter schemas. - `responses: Optional[object]` An empty response object. This field is required to yield a valid operation schema. - `class APIShieldOperationFeaturesAPIShieldOperationFeatureAPIRouting: …` - `api_routing: Optional[APIShieldOperationFeaturesAPIShieldOperationFeatureAPIRoutingAPIRouting]` API Routing settings on endpoint. - `last_updated: Optional[datetime]` - `route: Optional[str]` Target route. - `class APIShieldOperationFeaturesAPIShieldOperationFeatureConfidenceIntervals: …` - `confidence_intervals: Optional[APIShieldOperationFeaturesAPIShieldOperationFeatureConfidenceIntervalsConfidenceIntervals]` - `last_updated: Optional[datetime]` - `suggested_threshold: Optional[APIShieldOperationFeaturesAPIShieldOperationFeatureConfidenceIntervalsConfidenceIntervalsSuggestedThreshold]` - `confidence_intervals: Optional[APIShieldOperationFeaturesAPIShieldOperationFeatureConfidenceIntervalsConfidenceIntervalsSuggestedThresholdConfidenceIntervals]` - `p90: Optional[APIShieldOperationFeaturesAPIShieldOperationFeatureConfidenceIntervalsConfidenceIntervalsSuggestedThresholdConfidenceIntervalsP90]` Upper and lower bound for percentile estimate - `lower: Optional[float]` Lower bound for percentile estimate - `upper: Optional[float]` Upper bound for percentile estimate - `p95: Optional[APIShieldOperationFeaturesAPIShieldOperationFeatureConfidenceIntervalsConfidenceIntervalsSuggestedThresholdConfidenceIntervalsP95]` Upper and lower bound for percentile estimate - `lower: Optional[float]` Lower bound for percentile estimate - `upper: Optional[float]` Upper bound for percentile estimate - `p99: Optional[APIShieldOperationFeaturesAPIShieldOperationFeatureConfidenceIntervalsConfidenceIntervalsSuggestedThresholdConfidenceIntervalsP99]` Upper and lower bound for percentile estimate - `lower: Optional[float]` Lower bound for percentile estimate - `upper: Optional[float]` Upper bound for percentile estimate - `mean: Optional[float]` Suggested threshold. - `class APIShieldOperationFeaturesAPIShieldOperationFeatureSchemaInfo: …` - `schema_info: Optional[APIShieldOperationFeaturesAPIShieldOperationFeatureSchemaInfoSchemaInfo]` - `active_schema: Optional[APIShieldOperationFeaturesAPIShieldOperationFeatureSchemaInfoSchemaInfoActiveSchema]` Schema active on endpoint. - `id: Optional[str]` UUID. - `created_at: Optional[datetime]` - `is_learned: Optional[bool]` True if schema is Cloudflare-provided. - `name: Optional[str]` Schema file name. - `learned_available: Optional[bool]` True if a Cloudflare-provided learned schema is available for this endpoint. - `mitigation_action: Optional[Literal["none", "log", "block"]]` Action taken on requests failing validation. - `"none"` - `"log"` - `"block"` - `class APIShieldBasicOperation: …` - `endpoint: str` The endpoint which can contain path parameter templates in curly braces, each will be replaced from left to right with {varN}, starting with {var1}, during insertion. This will further be Cloudflare-normalized upon insertion. See: https://developers.cloudflare.com/rules/normalization/how-it-works/. - `host: str` RFC3986-compliant host. - `method: Literal["GET", "POST", "HEAD", 6 more]` The HTTP method used to access the endpoint. - `"GET"` - `"POST"` - `"HEAD"` - `"OPTIONS"` - `"PUT"` - `"DELETE"` - `"CONNECT"` - `"PATCH"` - `"TRACE"` ### Example ```python import os from cloudflare import Cloudflare client = Cloudflare( api_token=os.environ.get("CLOUDFLARE_API_TOKEN"), # This is the default and can be omitted ) page = client.api_gateway.user_schemas.operations.list( schema_id="f174e90a-fafe-4643-bbbc-4a0ed4fc8415", zone_id="023e105f4ecef8ad9ca31a8372d0c353", ) page = page.result[0] print(page) ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "result": [ { "endpoint": "/api/v1/users/{var1}", "host": "www.example.com", "last_updated": "2014-01-01T05:20:00.12345Z", "method": "GET", "operation_id": "f174e90a-fafe-4643-bbbc-4a0ed4fc8415", "features": { "thresholds": { "auth_id_tokens": 0, "data_points": 0, "last_updated": "2014-01-01T05:20:00.12345Z", "p50": 0, "p90": 0, "p99": 0, "period_seconds": 0, "requests": 0, "suggested_threshold": 0 } } } ], "success": true, "result_info": { "count": 1, "page": 1, "per_page": 20, "total_count": 2000, "total_pages": 100 } } ``` ## Domain Types ### Operation List Response - `OperationListResponse` - `class APIShieldOperation: …` - `endpoint: str` The endpoint which can contain path parameter templates in curly braces, each will be replaced from left to right with {varN}, starting with {var1}, during insertion. This will further be Cloudflare-normalized upon insertion. See: https://developers.cloudflare.com/rules/normalization/how-it-works/. - `host: str` RFC3986-compliant host. - `last_updated: datetime` - `method: Literal["GET", "POST", "HEAD", 6 more]` The HTTP method used to access the endpoint. - `"GET"` - `"POST"` - `"HEAD"` - `"OPTIONS"` - `"PUT"` - `"DELETE"` - `"CONNECT"` - `"PATCH"` - `"TRACE"` - `operation_id: str` UUID. - `features: Optional[APIShieldOperationFeatures]` - `class APIShieldOperationFeaturesAPIShieldOperationFeatureThresholds: …` - `thresholds: Optional[APIShieldOperationFeaturesAPIShieldOperationFeatureThresholdsThresholds]` - `auth_id_tokens: Optional[int]` The total number of auth-ids seen across this calculation. - `data_points: Optional[int]` The number of data points used for the threshold suggestion calculation. - `last_updated: Optional[datetime]` - `p50: Optional[int]` The p50 quantile of requests (in period_seconds). - `p90: Optional[int]` The p90 quantile of requests (in period_seconds). - `p99: Optional[int]` The p99 quantile of requests (in period_seconds). - `period_seconds: Optional[int]` The period over which this threshold is suggested. - `requests: Optional[int]` The estimated number of requests covered by these calculations. - `suggested_threshold: Optional[int]` The suggested threshold in requests done by the same auth_id or period_seconds. - `class APIShieldOperationFeaturesAPIShieldOperationFeatureParameterSchemas: …` - `parameter_schemas: APIShieldOperationFeaturesAPIShieldOperationFeatureParameterSchemasParameterSchemas` - `last_updated: Optional[datetime]` - `parameter_schemas: Optional[APIShieldOperationFeaturesAPIShieldOperationFeatureParameterSchemasParameterSchemasParameterSchemas]` An operation schema object containing a response. - `parameters: Optional[List[object]]` An array containing the learned parameter schemas. - `responses: Optional[object]` An empty response object. This field is required to yield a valid operation schema. - `class APIShieldOperationFeaturesAPIShieldOperationFeatureAPIRouting: …` - `api_routing: Optional[APIShieldOperationFeaturesAPIShieldOperationFeatureAPIRoutingAPIRouting]` API Routing settings on endpoint. - `last_updated: Optional[datetime]` - `route: Optional[str]` Target route. - `class APIShieldOperationFeaturesAPIShieldOperationFeatureConfidenceIntervals: …` - `confidence_intervals: Optional[APIShieldOperationFeaturesAPIShieldOperationFeatureConfidenceIntervalsConfidenceIntervals]` - `last_updated: Optional[datetime]` - `suggested_threshold: Optional[APIShieldOperationFeaturesAPIShieldOperationFeatureConfidenceIntervalsConfidenceIntervalsSuggestedThreshold]` - `confidence_intervals: Optional[APIShieldOperationFeaturesAPIShieldOperationFeatureConfidenceIntervalsConfidenceIntervalsSuggestedThresholdConfidenceIntervals]` - `p90: Optional[APIShieldOperationFeaturesAPIShieldOperationFeatureConfidenceIntervalsConfidenceIntervalsSuggestedThresholdConfidenceIntervalsP90]` Upper and lower bound for percentile estimate - `lower: Optional[float]` Lower bound for percentile estimate - `upper: Optional[float]` Upper bound for percentile estimate - `p95: Optional[APIShieldOperationFeaturesAPIShieldOperationFeatureConfidenceIntervalsConfidenceIntervalsSuggestedThresholdConfidenceIntervalsP95]` Upper and lower bound for percentile estimate - `lower: Optional[float]` Lower bound for percentile estimate - `upper: Optional[float]` Upper bound for percentile estimate - `p99: Optional[APIShieldOperationFeaturesAPIShieldOperationFeatureConfidenceIntervalsConfidenceIntervalsSuggestedThresholdConfidenceIntervalsP99]` Upper and lower bound for percentile estimate - `lower: Optional[float]` Lower bound for percentile estimate - `upper: Optional[float]` Upper bound for percentile estimate - `mean: Optional[float]` Suggested threshold. - `class APIShieldOperationFeaturesAPIShieldOperationFeatureSchemaInfo: …` - `schema_info: Optional[APIShieldOperationFeaturesAPIShieldOperationFeatureSchemaInfoSchemaInfo]` - `active_schema: Optional[APIShieldOperationFeaturesAPIShieldOperationFeatureSchemaInfoSchemaInfoActiveSchema]` Schema active on endpoint. - `id: Optional[str]` UUID. - `created_at: Optional[datetime]` - `is_learned: Optional[bool]` True if schema is Cloudflare-provided. - `name: Optional[str]` Schema file name. - `learned_available: Optional[bool]` True if a Cloudflare-provided learned schema is available for this endpoint. - `mitigation_action: Optional[Literal["none", "log", "block"]]` Action taken on requests failing validation. - `"none"` - `"log"` - `"block"` - `class APIShieldBasicOperation: …` - `endpoint: str` The endpoint which can contain path parameter templates in curly braces, each will be replaced from left to right with {varN}, starting with {var1}, during insertion. This will further be Cloudflare-normalized upon insertion. See: https://developers.cloudflare.com/rules/normalization/how-it-works/. - `host: str` RFC3986-compliant host. - `method: Literal["GET", "POST", "HEAD", 6 more]` The HTTP method used to access the endpoint. - `"GET"` - `"POST"` - `"HEAD"` - `"OPTIONS"` - `"PUT"` - `"DELETE"` - `"CONNECT"` - `"PATCH"` - `"TRACE"` # Hosts ## Retrieve schema hosts in a zone `api_gateway.user_schemas.hosts.list(HostListParams**kwargs) -> SyncV4PagePaginationArray[HostListResponse]` **get** `/zones/{zone_id}/api_gateway/user_schemas/hosts` Lists all unique hosts found in uploaded OpenAPI schemas for the zone. Useful for understanding which domains have schema coverage. ### Parameters - `zone_id: str` Identifier. - `page: Optional[int]` Page number of paginated results. - `per_page: Optional[int]` Maximum number of results per page. ### Returns - `class HostListResponse: …` - `created_at: datetime` - `hosts: List[str]` Hosts serving the schema, e.g zone.host.com - `name: str` Name of the schema - `schema_id: str` UUID. ### Example ```python import os from cloudflare import Cloudflare client = Cloudflare( api_token=os.environ.get("CLOUDFLARE_API_TOKEN"), # This is the default and can be omitted ) page = client.api_gateway.user_schemas.hosts.list( zone_id="023e105f4ecef8ad9ca31a8372d0c353", ) page = page.result[0] print(page.schema_id) ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "success": true, "result": [ { "created_at": "2014-01-01T05:20:00.12345Z", "hosts": [ "string" ], "name": "petstore schema", "schema_id": "f174e90a-fafe-4643-bbbc-4a0ed4fc8415" } ], "result_info": { "count": 1, "page": 1, "per_page": 20, "total_count": 2000, "total_pages": 100 } } ``` ## Domain Types ### Host List Response - `class HostListResponse: …` - `created_at: datetime` - `hosts: List[str]` Hosts serving the schema, e.g zone.host.com - `name: str` Name of the schema - `schema_id: str` UUID. # Expression Template # Fallthrough ## Generate fallthrough WAF expression template from a set of API hosts `api_gateway.expression_template.fallthrough.create(FallthroughCreateParams**kwargs) -> FallthroughCreateResponse` **post** `/zones/{zone_id}/api_gateway/expression-template/fallthrough` Creates an expression template fallthrough rule for API Shield. Used for configuring default behavior when no other expression templates match. ### Parameters - `zone_id: str` Identifier. - `hosts: SequenceNotStr[str]` List of hosts to be targeted in the expression ### Returns - `class FallthroughCreateResponse: …` - `expression: str` WAF Expression for fallthrough - `title: str` Title for the expression ### Example ```python import os from cloudflare import Cloudflare client = Cloudflare( api_token=os.environ.get("CLOUDFLARE_API_TOKEN"), # This is the default and can be omitted ) fallthrough = client.api_gateway.expression_template.fallthrough.create( zone_id="023e105f4ecef8ad9ca31a8372d0c353", hosts=["{zone}.domain1.tld", "domain2.tld"], ) print(fallthrough.expression) ``` #### Response ```json { "errors": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "messages": [ { "code": 1000, "message": "message", "documentation_url": "documentation_url", "source": { "pointer": "pointer" } } ], "result": { "expression": "(cf.api_gateway.fallthrough_detected)", "title": "Fallthrough Expression for [zone.domain.tld]" }, "success": true } ``` ## Domain Types ### Fallthrough Create Response - `class FallthroughCreateResponse: …` - `expression: str` WAF Expression for fallthrough - `title: str` Title for the expression